Information System Security Compliance Analyst (Multiple Levels)
$78.9k - $123.3kNoblis
Responsibilities
Position Overview
We are seeking a detail-oriented cybersecurity compliance professional to support system authorization and continuous monitoring activities within a Federal environment. This role is responsible for managing the security authorization lifecycle for one or more information systems, ensuring compliance with Federal cybersecurity requirements, and maintaining the documentation necessary to support Authorization to Operate (ATO) decisions.
The ideal candidate will have experience working with NIST RMF, NIST SP 800-53 controls, security authorization packages, POA&M management, and compliance documentation. Candidates should be comfortable working with technical teams to assess control implementation, identify compliance gaps, and provide guidance to support remediation efforts and POA&M closure.
Key Responsibilities
Manage the security authorization lifecycle for one or more information systems in accordance with Federal Risk Management Framework (RMF) requirements.
Coordinate activities required to obtain and maintain Authorization to Operate (ATO) approvals.
Assess and track implementation of NIST SP 800-53 security controls and associated compliance requirements.
Develop, review, update, and maintain authorization package documentation, including:
System Security Plans (SSPs)
Security Assessment Reports (SARs)
Plan of Action and Milestones (POA&Ms)
Risk Assessments
Continuous Monitoring documentation
Security-related policies and procedures
Manage POA&M activities by tracking findings, monitoring remediation progress, validating corrective actions, and supporting closure efforts.
Provide technical guidance and compliance recommendations to system owners, engineers, administrators, and security stakeholders to facilitate POA&M remediation and closure.
Coordinate with technical teams to gather evidence supporting security control implementation and compliance requirements.
Review vulnerability scan results, assessment findings, and security documentation to identify compliance gaps and areas requiring remediation.
Support continuous monitoring activities by tracking security posture, compliance status, and ongoing control effectiveness.
Participate in security assessments, audits, and compliance reviews conducted by internal and external stakeholders.
Assist in the development of risk mitigation strategies and recommendations for addressing identified security weaknesses.
Track authorization milestones, compliance deadlines, and remediation activities to ensure timely completion.
Communicate compliance status, risks, findings, and recommendations to both technical and non-technical stakeholders.
Support audits and reporting activities related to Federal cybersecurity requirements and organizational security programs.
Required Qualifications
Experience supporting cybersecurity compliance, security authorization, risk management, or information security programs.
Experience working with the NIST Risk Management Framework (RMF).
Subject matter expertise with NIST SP 800-53 security controls and Federal cybersecurity compliance requirements.
Experience supporting the development, maintenance, or review of authorization package documentation, including SSPs, SARs, POA&Ms, and Risk Assessments.
Understanding of the Authorization to Operate (ATO) process and continuous monitoring requirements.
Experience tracking and managing POA&M findings through remediation and closure.
Ability to review technical security information and translate findings into compliance documentation and actionable recommendations.
Understanding of cybersecurity principles, security controls, vulnerability management, and risk management concepts.
Strong organizational skills with the ability to manage multiple systems, priorities, and compliance activities simultaneously.
Strong written and verbal communication skills, including the ability to develop and review formal security documentation.
Proficiency with Microsoft Office applications, particularly Excel, Word, and PowerPoint.
U.S. Citizen or Green Card Permanent Resident with a minimum of three (3) years of U.S. residency.
Ability to obtain and maintain an FAA Public Trust.
Education & Experience Substitutions
Substitutions are subject to government customer review and approval.
Mid to senior
Bachelor's degree in Cybersecurity, Information Technology, Telecommunications, or a related field.
9+ years of experience in cybersecurity or network security roles
Substitutions: For anything requiring a substitution, the government customer is subject to further review and either approve or deny the request.
A High School degree with a total of 15 years of experience in cybersecurity or network security roles
Masters degree with a total of 6 years of experience in cybersecurity or network security roles.
Compensation Ranges: for D.C., NJ, Remote: $78,900 - $123,300
Senior:
Bachelor's degree in Cybersecurity, Information Technology, Telecommunications, or a related field.
16+ years of experience in cybersecurity or network security roles
Substitutions: For anything requiring a substitution, the government customer is subject to further review and either approve or deny the request.
A High School degree with a total of 20 years of experience in cybersecurity or network security roles
An Associates Degre with a total of 18 years of experience in cybersecurity or network security roles
Masters degree with a total of 13 years of experience in cybersecurity or network security roles
Compensation Ranges: for D.C., NJ, Remote: $95,500 - $180,525
Desired Qualifications
Experience supporting federal government programs, preferably within the FAA, Department of Transportation, or other civilian federal agencies.
FAA or transportation sector experience preferred.
Experience serving as an Information System Security Officer (ISSO), Security Control Assessor (SCA), Information System Security Manager (ISSM), or similar cybersecurity compliance role.
Experience managing authorization packages for multiple systems simultaneously.
Strong knowledge of NIST SP 800-53 Rev. 5, NIST RMF, FISMA, and related Federal cybersecurity requirements.
Experience developing, reviewing, and maintaining SSPs, SARs, POA&Ms, Risk Assessments, Contingency Plans, and other authorization artifacts.
Experience conducting control assessments, compliance reviews, and security documentation audits.
Ability to interpret technical findings from vulnerability scans, configuration assessments, and security reviews to support risk-based decision-making.
Experience providing technical guidance to engineering and operations teams to support corrective actions and POA&M closure.
Familiarity with continuous monitoring programs and ongoing authorization requirements.
Experience working with vulnerability management tools, compliance dashboards, and governance, risk, and compliance (GRC) platforms.
Knowledge of cloud security compliance, Zero Trust Architecture, and modern Federal cybersecurity initiatives.
Industry certifications such as:
CISSP
CAP (Certified Authorization Professional)
Security+ CISM
GSLC
CGRC
or equivalent certifications
Strong written, verbal, analytical, and interpersonal communication skills, with the ability to interact effectively with technical teams, auditors, system owners, and government stakeholders.
Overview
Noblis ( and our wholly owned subsidiaries, Noblis ESI , and Noblis MSD tackle the nation's toughest problems and apply advanced solutions to our clients' most critical missions. We bring the best of scientific thought, management, and engineering expertise together in an environment of independence and objectivity to deliver enduring impact on federal missions. Noblis works with a wide range of government clients in the defense, intelligence and federal civil sectors. Learn more at Noblis -About Us (
Why work at a Noblis company?
Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public. Noblis has won numerous workplace awards ( . Noblis maintains a drug-free workplace.
- Remote/hybrid status is subject to change based on Noblis and/or government requirements
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to race, color, ethnicity, sex, age, national origin, religion, physical or mental disability, pregnancy/childbirth and related medical conditions, veteran or military status, or any other characteristics protected by applicable federal, state, or local law.
If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact us ( .
EEO is the Law ( | E-Verify ( | Right to Work (
Total Rewards
At Noblis we recognize and reward your contributions, provide you with growth opportunities, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, and work-life programs. Our award programs acknowledge employees for exceptional performance and superior demonstration of our service standards. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in our benefit programs. Other offerings may be provided for employees not within this category. We encourage you to learn more about our total benefits by visiting the Benefits ( page on our Careers ( site.
Compensation at Noblis is determined by various factors, including but not limited to, the combination of education, certifications, knowledge, skills, competencies, and experience, internal and external equity, location, clearance level, as well as contract-specific affordability, organizational requirements and applicable employment laws. The projected compensation range for this position is based on full time status. For part time or on-call staff, compensation is proportionately adjusted based on hours worked. While monetary compensation is important, it's just one component of Noblis' total compensation package.
Posted Salary Range
USD $78,900.00 - USD $180,525.00 /Yr.
$40 - $45 per hour
...client is looking for an Information Security Analyst for a 4‑month contract‑to‑... ...satisfy organizational and compliance reporting requirements. Develop... ...and methodologies. Systems & Technical Audit: Knowledge... ...Foundational knowledge across multiple technology domains,...Information SystemHourly payPermanent employmentContract workTemporary workWork experience placement$30 per hour
...development in fields such as information technology, technical/systems consulting, technical... ...supporting Federal Compliance and Federal Sales Teams. The Information Security Compliance Analyst is expected to work... ...remains posted. Career Level - IC0 About Us Only...Information SystemHourly payTemporary workInternshipFlexible hours- ...Responsibilities As an Information SecurityAnalyst I , you will assist the Program Manager... ...Framework (RMF) related activities including Security Control Assessments (SCA) and assisting system owners in the transition to RMF compliance. In assuming this position, you will be...Information SystemFor contractorsWork at office
$102k - $112k
...sophisticated and dynamic systems that create facility... ..., heating, security, fire protection, and... ...Inc. seeks a Security Analyst for Identity and Access... ...monitor the enterprise information security system as directed... ...at all organizational levels. Strong project management...Information SystemFlexible hours- ...Information Security Role Functional: • 2+ years of experience in Information Security, Technology... ...for auditing and addressing non-compliance to information security standards and... ...role. We promote and support a diverse workforce across all levels in the company....Suggested
- ...seeking a highly skilled and experienced Security Analyst to join our team. In this role, you... ...the security of our organization's information systems and data. You will work closely with... ...security documentation and reports for compliance purposes Qualifications Bachelor's...Information System
- ...Security Analyst â Identity and Access Management (IAM) HIGHLIGHTS... ...on the companyâs identity systems and single sign-on systems (... ...This includes enhancing the information security management framework... ...interact with personnel at all levels. Strong project management...Information SystemHourly payContract workRemote work
- ...forward-thinking companies modernize their systems, improve travel management and save... ..., energetic, hands-on, and proactive Information Security Analyst to maintain and operate Deem's... ...of threat intelligence and regulatory compliance. Responsibilities Advise senior...Work at office
- ...Governance, Risk, and Compliance (GRC) Analyst We operate at the... ...posture across multiple regulatory frameworks... ...42001, and CSA Star Level 2 certification programs... ...'s degree in Information Security, Computer Science, Business... ...Information Systems Auditor (CISA) Certified...Information SystemFull timeFlexible hours
- Early Warning Services LLC is actively seeking a Security Governance, Risk & Compliance Analyst in Scottsdale, AZ. This role focuses on supporting security governance and risk compliance initiatives, including conducting risk assessments and facilitating audits. The ideal...
- Roles & Responsibilities Conduct comprehensive risk assessments of third-party SaaS providers, including evaluating security documentation, reviewing evidence, interviewing technical stakeholders, and assessing both control design and operating effectiveness Analyze user...
- Empower AI is hiring an Information Security Analyst I to assist with Risk Management Framework efforts, located in Fort Huachuca, Arizona. The... ...with Project Managers and Cybersecurity Engineers, ensuring compliance and managing cybersecurity deliverables. This role...
- ...Overview: Role: Cloud Security Analyst Location: Phoenix, AZ Experience Required... ...to support cloud security governance, compliance monitoring, and risk management activities... ...will have foundational experience in information security, IT risk management, and...
- ...L2 Security Analyst- Full-Time, on-site We are looking for a Senior... ...provide further contextual information along with recommended actions... ...Experience using ticketing systems for tracking (JIRA, Remedy,... ...malicious artifacts Higher level security certifications (CEH...Full time
- ...Aeronautics, we’re taking innovation to the next level. From designing the most advanced air... ...flight. It is the Autonomic Logistics Information System (ALIS) that gives F‑35 Lightning II... ...access to medical care. As an ALIS Security Administrator, you will play a key role...Information SystemFull timeWork at officeRemote workRelocationMonday to FridayFlexible hoursShift work
$80k - $110k
Job Description Role - Info Security Analyst (SaaS) Experience Required - 2+ Years Must Have Technical/Functional Skills Knowledge of data classification solutions Strong understanding of Multi-tenant SaaS environments Cloud shared responsibility model - IaaS / PaaS...- ...Security And Loss Prevention Expert The Security... ...while ensuring compliance with legal and... ...report outcome for systems and tools that generate... ...site leadership informed on department's... ...environment where the noise level varies and can be... ...customers across multiple business units...Information SystemWorldwideAll shiftsShift workNight shift
- Principal Security Analyst (L3) Full-time, on-site Principal Security Analyst... ...provide further contextual information along with recommended... ...mentorship and guidance to junior level analyst Required... ...Windows and Linux operating systems, security events, and common...Full time
- Ernst & Young Oman seeks an Offensive Security Analyst in Phoenix, Arizona, to evaluate and reduce digital exposure through penetration testing... ...in identifying vulnerabilities across various technology levels while actively emulating threat actors. This role supports third...
- Alignerr is looking for a Security Operations Analyst (AI Training) to enhance intelligent security systems. The role leverages your SOC expertise and allows remote work with... ...you to analyze incidents, classify severity levels, and review detection logic, making a...Remote job10 hours per week
$103.45k - $186.21k
...achieve financial security through highly... ...week. We have multiple exciting opportunities... ...Actuarial Analyst I, you will be a... ...analysis supports rate level indications;... ...problems. Identifies compliance gaps and process... ...and conflicting information into a clear and...H1bWork at officeRemote work$50 - $60 per hour
...committed to creating high-quality AI. We are looking for a Securities Analyst to join our team to help train the next generation of AI while... ...performance. Qualifications Fluency in English (native or bilingual level). Detail-oriented. Proficient in financial analysis,...Hourly payFull timeContract workPart timeWork experience placementRemote workFlexible hours$69.6k - $90.09k
...Position: Trade Compliance Specialist - International Logistics... ...telecommunications, information systems, transportation, medical, industrial... ...Determine required service levels and engage appropriate... ...BI). Ability to manage multiple high-risk activities with minimal...Information SystemHourly payPermanent employmentFull timeTemporary workWork experience placementWork at officeLocal areaWorldwide2 days per week- ...Qualifications Serco is seeking a Compliance/Fraud Specialist to... ...gathering requested information and documentation.... ...Justice, Information Systems, or a related field (... ...and manage multiple reviews or priorities.... ...across all experience levels. Actual base salary will...Information SystemContract workLocal areaFlexible hours
- ...A cybersecurity firm in Scottsdale, Arizona, is seeking a Senior Security Analyst (L2) for the night shift. The role involves triaging alerts, assisting in incident responses, and mentoring junior analysts. Candidates must have a solid understanding of incident response...Night shift
- ...The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing... ...orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability...Summer holidayFlexible hours
$105.79k - $141.05k
...connected ecosystem. We enable secure, high‑performance... ...The Role The CMMC Compliance Analyst must have advanced practical... ...the personnel, physical, information, and information systems (IS) security requirements... ...supporting a successful CMMC Level 2 C3PAO assessment...Information SystemFull timeTemporary workFor contractorsRemote work$100k
...candidates are able to achieve multiple job offers and $100k+... ...Currently, we are looking for entry-level software programmers, Java... .../Java developers, data analysts/data scientists, and machine... ...engineering, electrical engineering, information systems, IT project work on the...Information SystemFull timeH1b- Job Description Position Summary The Information Security Administrator I will be responsible for... ...verified security events / incidents from analyst(s) Create and maintain global... ...degree in computer science, Information Systems, another related field, or equivalent...Information SystemWork at officeRemote work
- ...timely metric reporting to all levels of government and industry... ...of all Autonomic Logistics Information System (ALIS), Supply, Field Support... ...have an active Final Secret Security Clearance and maintain... ...environment, effectively managing multiple priorities and maintaining...Information SystemContract workLocal areaRemote workFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Information System Security Compliance Analyst (Multiple Levels). Be the first to apply!
- data protection analyst Phoenix, AZ
- business information analyst Phoenix, AZ
- data analyst - r python sql Phoenix, AZ
- data analyst bank Phoenix, AZ
- data analyst Phoenix, AZ
- data center analyst Phoenix, AZ
- senior financial data analyst Phoenix, AZ
- provider data analyst Phoenix, AZ
- sql data analyst Phoenix, AZ
- information systems analyst Phoenix, AZ


