NIH - Cyber Program Analyst

cFocus Software Incorporated, Bethesda, MD
Remote

About The Position

cFocus Software is seeking a Cyber Program Analyst to support the National Institutes of Health (NIH) program. This is a fully remote position that requires a Public Trust clearance or the ability to obtain one.

Requirements

  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 2+ years supporting federal cybersecurity programs, RMF, governance, compliance, or ISSO activities

Nice To Haves

  • Security+ certification
  • CAP certification
  • CISSP certification
  • CISM certification
  • PMP certification
  • Knowledge of NIST RMF
  • Knowledge of NIST SP 800-53 Rev. 5
  • Knowledge of FISMA
  • Knowledge of FIPS
  • Knowledge of A&A
  • Knowledge of POA&M management
  • Knowledge of SSP development
  • Knowledge of cybersecurity reporting
  • Knowledge of risk management
  • Knowledge of executive communications
  • Knowledge of ServiceNow
  • Knowledge of Microsoft Office
  • Knowledge of cybersecurity governance

Responsibilities

  • Support day-to-day program management activities, schedules, milestones, action items, and project reporting.
  • Develop weekly, monthly, quarterly, and ad hoc cybersecurity reports, executive dashboards, risk profiles, and program metrics.
  • Coordinate Program Management Plans, Project Management Plans, Integrated Master Schedules, SOPs, and other contract deliverables.
  • Support Front Door security operations by tracking requests, maintaining documentation, and coordinating issue resolution.
  • Assist ISSOs and System Owners with Assessment and Authorization (A&A) activities throughout the RMF lifecycle.
  • Develop and maintain RMF documentation including SSPs, Security Assessment Plans, Security Assessment Reports, POA&Ms, and authorization packages.
  • Monitor NIST SP 800-53 Rev. 5 security control implementation and continuous monitoring activities.
  • Track Plans of Action & Milestones (POA&Ms), risk acceptance decisions, and remediation activities.
  • Support Risk Management Strategy updates, common control libraries, and Cybersecurity Supply Chain Risk Management (C-SCRM) activities.
  • Coordinate FISMA reporting, audit responses, corrective action plans, and cybersecurity compliance activities.
  • Provide cybersecurity guidance to stakeholders regarding security requirements, documentation, and compliance obligations.
  • Analyze cybersecurity metrics and identify trends, risks, and recommendations supporting executive decision making.
  • Maintain program documentation and ensure compliance with NIH, HHS, NIST RMF, and federal cybersecurity policies.