Security Analyst / Information Systems Security Officer

Security Analyst / Information Systems Security Officer

Fort Meade, MD

Type: Contract-to-Hire

Category: Engineer

Industry: Government

Reference ID: JN -052026-107033

Date Posted: 05/19/2026

Shortcut:

• Description

• Recommended Jobs

Description:

Onsite in Fort Meade, MD

Our client seeks a Security Analyst serving as an Information Systems Security Officer to lead implementation and enforcement of security policies aligned to NIST frameworks. The role will conduct continuous monitoring, risk assessments, accreditation support, and control validation, while advising on architecture changes and software risk. The position requires hands-on experience with eMASS, RMF, STIGs, and federal compliance regimes including FISMA and FedRAMP.

Due to federal security clearance requirements, applicant must be a United States Citizen with an active Secret clearance. This is a contract to hire opportunity. Applicants must be willing and able to work on a w2 basis and convert to FTE following contract duration. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $60.00 to $70.00/hr. w2

JN -052026-107033

Responsibilities:

• Conduct continuous monitoring for assigned systems, including threat monitoring, access reviews, and vulnerability mitigation planning.

• Support security operations center activities, system reviews, and incident investigations.

• Maintain knowledge of security architecture and business purposes of systems.

• Document and maintain applicable NIST 800-53 controls for responsible IT systems.

• Update System Security Plans semi-annually and document changes.

• Certify accuracy of continuous monitoring information for assigned systems.

• Advise on architecture and configuration changes through established change and configuration management.

• Evaluate software prior to production to identify and communicate potential risk.

• Support internal and external audits and corrective action execution.

• Evaluate and advise on privileged access requests for IT systems.

• Develop and deliver artifacts required for Ongoing Authorization and the NIST Cybersecurity Framework.

• Perform certification assessments including review of change requests, PPS, whitelist requests, self-assessments, compliance statements, scans, STIG reviews, SSPs, evidence, artifacts, and on-site results.

• Attend weekly training and staff meetings to align with procedure updates.

• Use government tooling including resourcing tools for on-site reviews, eMASS for control reviews, RTS for actions, PPSM database, Whitelist Tool, DITPR, and RMF Knowledge Service.

• Conduct security architecture reviews for STIG compliance and best practices and document analysis for risk recommendations.

• Develop customized checklists based on architecture, specialized equipment, accredited deployment guides, and UC APL guidance.

• Analyze POA&Ms and mitigation plans to determine residual risk and document statements of residual risk.

• Conduct risk assessments of threats, vulnerabilities, and mission impact to inform countermeasures and residual risk.

Experience Requirements:

• At least 10 years performing or supporting ISSO responsibilities in a US Government environment.

• At least 10 years working with NIST cybersecurity standards and best practices.

• Demonstrated experience with FISMA, FedRAMP, and NIST Special Publications.

• Hands-on experience with RMF, NIST 800-53 control implementation, continuous monitoring, and security assessment and authorization.

• Proficiency with eMASS, PPSM, DITPR, Whitelist Tool, RTS, STIGs, and RMF Knowledge Service.

• Experience conducting vulnerability assessments, POA&M analysis, risk assessments, and architecture reviews.

• Experience supporting audits and generating authorization artifacts and evidence.

• Ability to evaluate software risk and advise on change and configuration management processes.

• Active Secret security clearance.

• U.S. citizenship.

Education Requirements:

• Bachelor's degree in computer science, information systems, or a related field.

• CISSP certification.

• CISM certification.

• CompTIA Security+ certification.

Recruitment Transparency Notice

Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening and hiring process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team ( View email address on click.appcast.io , View phone number on click.appcast.io) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group's use of these tools, including AI tools, as part of the application and hiring process.

Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.

W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality.

If anyone reaches out to you about an open position connected with Eliassen Group, please ensure that you are working directly with us by confirming the following:

· When you work with Eliassen Group, all email communication will come from an Eliassen.com address, never Gmail, Yahoo, etc.

· Eliassen Group will never ask you for personal information (home address, bank account, or check routing number) until you have worked with someone clearly associated with Eliassen Group.

If you have any indication of fraudulent activity, please contact View email address on click.appcast.io .

About Eliassen Group:

Eliassen Group is a strategic consulting firm that helps organizations reach further and achieve more through our technology, business advisory, and life sciences solutions. For nearly 40 years, we have combined exceptional people, deep domain expertise, and intelligent capabilities to expand our clients' capacity and accelerate meaningful outcomes. We are driven by a purpose to positively impact the lives of our employees, clients, consultants, and the communities we serve.

Eliassen is committed to building a diverse and inclusive team from a variety of backgrounds, perspectives, and skills. We are an Equal Opportunity and Affirmative Action Employer and all employment decisions are based on merit, performance, and business needs. Eliassen does not discriminate on the basis of race, color, gender identity or expression, sexual preference or orientation, sex (including pregnancy, childbirth, and related medical conditions), marital status, creed, religion, physical or mental disability, genetic information, military or veteran status, age, ancestry, national origin, citizenship status, prohibited criminal record inquiries of applicants and employees, or any other category protected by federal, state, or local laws.

Don't miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!