OCT Consulting LLC Logo

RMF Cybersecurity Analyst (15.43)

πŸ’° $90k-$110k
πŸ‡ΊπŸ‡Έ United StatesπŸ”’ CybersecurityπŸ”΅ Mid-level

Job Description

OCT Consulting is a business management and technology consulting firm that supports Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.

OCT currently has an opening for an RMF Cybersecurity Analyst to work with a federal client. The analyst will support the Information Systems Security Officer / Systems Security and Privacy Officer (ISSO/SSPO) in executing Risk Management Framework (RMF) compliance, Security Assessment and Authorization (SA&A) activities, and information security governance across a complex federal health statistics environment.

This position is contingent upon contract award.

Day-to-day responsibilities include:

  • Assist the ISSO/SSPO in interfacing with federal staff, contractors, and business partners to execute information security aspects of the agency’s CIPSEA obligations, IT modernization, and cloud migration efforts.

  • Support Security Assessment and Authorization (SA&A) activities including agency-hosted, contractor-hosted, cloud-hosted, and FedRAMP SA&As; assist with interpretation of regulations and policy guidance.

  • Develop, track, and update Plans of Action and Milestones (POA&Ms) for identified vulnerabilities and risks; report remediation status monthly.

  • Prepare and maintain System Security Plans (SSPs) in accordance with NIST SP 800-18 and NIST SP 800-53.

  • Conduct and document Risk Assessment Reports (RARs) consistent with NIST SP 800-30 and applicable agency policies.

  • Support FISMA reporting to the Department of Homeland Security and OMB; prepare gap reports of agency practices against evolving federal, HHS, and agency requirements.

  • Assist with Privacy Threshold Analyses (PTAs) and Privacy Impact Assessments (PIAs) in accordance with HHS policy and OMB M-03-22.

  • Prepare weekly project management/status reports and monthly RMF status reports for the COR and Program POC.

  • Develop and maintain reusable templates, standard operating procedures (SOPs), and process documentation (e.g., SSP templates, risk assessment templates, process flow diagrams).

  • Coordinate with agency Security, Business, and Technical Stewards; provide stakeholder advisory support and training as required.

  • Support EPLC security reviews, IT acquisition security reviews, and security governance coordination activities.

  • Assist in applying CIPSEA oversight in coordination with the agency Confidentiality Officer.

  • Maintain compliance with all agency security training requirements including annual Security Awareness Training (SAT) and role-based training (RBT).

  • Must be a U.S. Citizen.

  • Minimum of 3–5 years of experience in federal information security, RMF implementation, or cybersecurity compliance.

  • Demonstrated experience with NIST SP 800-37, 800-30, 800-53/53A, 800-60, and FIPS 199200.

  • Experience supporting FISMA compliance and reporting activities for a federal civilian agency.

  • Experience developing, reviewing, and maintaining SA&A documentation artifacts (SSPs, RARs, POA&Ms, Contingency Plans).

  • Proficiency with Governance, Risk, and Compliance (GRC) platforms such as Archer or comparable tools.

  • Strong technical writing skills sufficient to independently produce clear, accurate, and professionally formatted security and compliance documentation.

  • Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field (or equivalent work experience).

  • Ability to obtain a Public Trust (Moderate Risk – Level 5 or higher) background investigation; an HSPD-12/PIV card will be required for facility and network access.

  • Work will be performed primarily at the agency facility in Hyattsville, MD, with authorized telework on a situational basis. Must be able to commute to the Hyattsville, MD location.

Preferred Qualifications:

  • Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), Certified Information Security Manager (CISM), or equivalent certification.
  • Experience supporting HHS or other Federal civilian agency environments.
  • Experience with CIPSEA, Privacy Act compliance, and handling of sensitive health statistics data.
  • Familiarity with FedRAMP authorization activities and cloud migration security governance.
  • Experience with continuous monitoring programs and vulnerability remediation in federal environments.

OCT offers competitive compensation packages and a full suite of benefits which includes:

  • Medical, Dental, and Vision insurance
  • Retirement savings 401K plan provided by an industry leading provider with 3% employer contributions of the employee’s gross salary
  • Paid Time Off and Standard Government Holidays
  • Life Insurance, Short- and Long-Term disability benefits
  • Training Benefits

Salary Range: $90,000 – $110,000 yearly commensurate with experience, education, and qualifications.

About OCT Consulting

OCT Consulting LLC is a Small Business (SB) providing professional services and information technology solutions to the Federal government and commercial clients. Founded in 2013, we bring the agility of operations and a management team with a track record of leading successful engagements at major Federal government agencies.

At OCT we believe in creating a work environment where employees can thrive based on their abilities, skills, and achievements. We are dedicated to providing career growth and professional development based on individual merit and fostering a workplace where everyone’s contributions are valued and recognized.

Share this job:
Please let OCT Consulting LLC know you found this job on Remote First Jobs πŸ™

Remote companies like OCT Consulting LLC

Find your next opportunity with companies that specialize in Acquisition And Procurement, Information Technology, Financial Management, and Program Management. Explore remote-first companies like OCT Consulting LLC that prioritize flexible work and home-office freedom.

All companies
Dynamis, Inc. Logo

Dynamis, Inc.

51-200 www.dynamis.com

Provides professional services and IT solutions to government clients, specializing in defense, intelligence, and homeland security.

View company profile β†’
DRT Strategies Logo

DRT Strategies

201-500 www.drtstrategies.com

Digital transformation and IT services for federal agencies and commercial clients, emphasizing technology innovation.

View company profile β†’
Mize CPAs Inc. Logo

Mize CPAs Inc.

1001-5000 aprio.com

A business advisory, tax, and accounting firm assisting clients with finances, taxes, risk, compliance, and growth.

View company profile β†’
Client Solution Architects Logo

Client Solution Architects

501-1000 csaassociates.com

Provides integrated technology and operational support services to defense and federal government organizations.

View company profile β†’
OMNI Consulting Solutions Logo

OMNI Consulting Solutions

51-200 www.omniconsultingsolutions.com

Provides consulting and software solutions to government and commercial clients, specializing in defense.

View company profile β†’
Ripple Effect Logo

Ripple Effect

201-500 www.rippleeffect.com

Provides professional consulting and talent for federal, private, and non-profit clients.

View company profile β†’

Project: Career Search

Rev. 2026.6

[ Remote Jobs ]
Direct Access

We source jobs directly from 21,000+ company career pages. No intermediaries.

Search Jobs Post a Job
01

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

02

Advanced Filters

Filter by category, benefits, seniority, and more.

03

Priority Job Alerts

Get timely alerts for new job openings every day.

04

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

21,000+ SOURCES UPDATED 24/7
Apply