Cybersecurity Analyst
Improvix Technologies•Washington, DC
•Onsite
About The Position
We are seeking a Cybersecurity Analyst with strong experience in ATO and RMF compliance to support a high-volume federal cybersecurity program. This role is heavily focused on leading Authorization to Operate (ATO) efforts from start to finish—owning documentation, coordinating stakeholders, and guiding systems through assessment and authorization with minimal to no hand-holding. The ideal candidate combines deep compliance expertise with enough technical understanding of cloud and infrastructure (Azure/AWS) to confidently engage engineers, assessors, and senior leadership.
Requirements
- Active Secret clearance required (Top Secret eligible)
- 5+ years of experience in cybersecurity compliance / RMF / ATO support
- Proven ability to lead ATOs independently from start to finish
- Hands-on experience with NIST Risk Management Framework
- Hands-on experience with NIST SP 800-53 Rev. 5
- Experience writing implementation statements and ATO documentation
- Strong understanding of cloud environments (Azure and/or AWS)
- Ability to communicate effectively with both technical and executive stakeholders
- Experience working in federal or government environments
Nice To Haves
- Experience with FedRAMP, CIS benchmarks, or similar frameworks
- Familiarity with Archangel
- Exposure to SIEM tools (e.g., Splunk)
- Experience supporting high-volume ATO pipelines / multiple concurrent systems
- CISSP certification (highly desirable)
- CAP certification
- CISM certification
- Security+ certification (baseline)
Responsibilities
- Lead systems through the full ATO lifecycle using NIST Risk Management Framework
- Independently manage ATO packages from initiation through authorization
- Develop and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms)
- Write detailed control implementation statements aligned to NIST SP 800-53 Rev. 5
- Prepare for and support assessment boards and authorization reviews
- Apply and interpret NIST 800-53 Rev. 5 controls and baselines
- Support migration of systems from older control baselines to Rev. 5
- Collect, validate, and organize artifacts required for control implementation
- Justify control implementations to assessors and review boards
- Support ATO efforts for systems deployed in Microsoft Azure and Amazon Web Services (AWS)
- Understand cloud architecture, services, and data flows well enough to document systems accurately and translate technical configurations into compliance language
- Partner with engineers to align cloud implementations with compliance requirements
- Interface directly with System Engineers & Architects, ISSOs / Security Teams, Authorizing Officials (AOs), and Senior leadership (CIO-level stakeholders)
- Clearly communicate requirements, gaps, and remediation actions
- Lead discussions during assessments and audits
- Support audits, data calls, and compliance reviews
- Identify risks, gaps, and remediation actions
- Track and manage POA&Ms to closure
- Contribute to continuous monitoring (ConMon) activities
- Support related efforts such as privacy compliance when needed
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
