Apply on Employer Site

Maximus · 8 hours ago

Cybersecurity Analyst

Colorado Springs, CO

Full-time

Onsite

Mid, Senior Level

$75K/yr - $115K/yr

7+ years exp

Maximus is seeking a Cybersecurity Analyst to support a federal client in maintaining compliance and strengthening the security posture of mission-critical systems. The role involves ensuring adherence to government security requirements and managing risk and vulnerability management activities to safeguard critical systems and data.

Business Process Automation (BPA)ConsultingEducationGovernmentGovTechHealth CareInformation Technology

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Serve as the primary point of contact for security compliance activities, collaborating with stakeholders to track and resolve security concerns

Manage and maintain POA&Ms, ensuring timely remediation of findings and alignment with government and contract requirements

Support vulnerability management efforts, including running security scans and reviewing scan results, tracking remediation activities, and verifying closure of findings

Conduct risk management activities including risk assessments, risk analysis, and documentation of risk mitigation strategies

Conduct compliance reviews to ensure systems adhere to federal regulations, contract requirements, and applicable frameworks (e.g., NIST 800-53, RMF)

Assist in preparing and maintaining security documentation, including System Security Plans (SSPs), assessment reports, and risk analyses

Collaborate with technical teams across disciplines to validate security controls, provide compliance guidance, and ensure mission success

Participate in incident response and after-action reviews, documenting lessons learned and compliance impacts

Develop and deliver compliance reports and metrics for leadership, federal stakeholders, and auditors

Contribute to security awareness and training initiatives to promote compliance across operational teams

Qualification

Security complianceVulnerability managementRisk managementFederal security frameworksPOA&M managementSecurity documentationSecurity certificationsIncident responseCommunication skillsCollaboration skills

Required

Active Secret clearance required

Due to contract requirements, only US Citizens can be considered. Candidates with dual citizenship cannot be considered

7+ years of experience in security compliance, vulnerability management, or related cybersecurity field

4+ years of experience with managing and tracking POA&Ms within government contracting environments

4+ years of experience with federal security frameworks, policies, and requirements (e.g., FISMA, NIST RMF)

4+ years of experience with vulnerability management processes and tools

4+ years of experience with risk management activities, including conducting risk assessments and risk analysis

4+ years of experience with collaboration with technical teams to address findings and implement compliance solutions

Strong written and verbal communication skills with the ability to prepare compliance documentation and reports

Candidates must reside within a commutable distance for daily onsite work and meet recall/on-call requirements in a 24x7x365 environment

Preferred

Certifications in the security field such as CISSP, CISM, CAP, or similar

Experience with federal government contracts, with preference for contracts under Homeland Security

Recent DHS experience with security compliance, risk management, or assessment activities

Familiarity with security tools including antivirus software, vulnerability scanners, access control, endpoint protection, vulnerability management, PKI certificate management, logging/SEIM, and DLP