Talent.com
Sr. Security RMF Audit Analyst

Sr. Security RMF Audit Analyst

Oasys InternationalCharlotte, NC, United States
Hace 5 días
Tipo de contrato
  • A tiempo completo
Descripción del trabajo

Who We Are : Oasys International, LLC (Oasys) is a rapidly expanding firm that has been recognized on Inc. 5000 magazine's list of the fastest-growing companies for five consecutive years. We are a dynamic organization dedicated to providing world-class technology consulting services through our team of expert technologists, consultants, engineers, and subject matter experts. At Oasys, we prioritize continuous learning, a healthy work-life balance, and a collaborative work environment. Our culture is merit-based, recognizing and rewarding performance and fostering a supportive and social atmosphere.

Position Summary :

Oasys is seeking a Sr. Security RMF Audit Analyst to support the United States Coast Guard (USCG) at the Aviation Logistics Center (ALC)-Information Systems Division (ISD). The Sr. Security RMF Audit Analyst will lead audit preparation and execution, support continuous RMF lifecycle activities, and oversee compliance with federal cybersecurity requirements across on-premises, virtual, and cloud-hosted systems.

This position will serve as a senior technical advisor in security compliance efforts, guiding cross-functional teams through POA&M development, control remediation, ATO documentation, and continuous monitoring in accordance with NIST 800-53, DHS 4300A, and FISMA standards.

Primary Responsibilities :

  • Oversee the Risk Management Framework (RMF) lifecycle, including assessment, authorization, and continuous monitoring across all ALC-ISD systems.
  • Lead and coordinate internal and external cybersecurity audits, including pre-audit readiness assessments and post-audit remediation tracking.
  • Validate the implementation of security controls (NIST SP 800-53 Rev. 5) and ensure they are effectively documented within System Security Plans (SSPs), Security Assessment Reports (SARs), and related artifacts.
  • Design and implement vulnerability management strategies, assess threat vectors, and develop comprehensive Plans of Action and Milestones (POA&Ms).
  • Analyze cyber risks and provide guidance on remediation strategies aligned with DHS policy and evolving cybersecurity threats.
  • Perform and document risk assessments, penetration testing coordination, and impact analyses to evaluate the security posture of information systems.
  • Collaborate with Security Control Assessors (SCAs), engineers, ISSOs, and DevSecOps teams to ensure audit alignment with enterprise system modernization efforts.
  • Manage and maintain audit packages, compliance dashboards, and evidence repositories using platforms like Jira, Confluence, and SharePoint.
  • Assess and validate configurations of infrastructure (e.g., Windows, Linux, databases, Active Directory) for compliance with security benchmarks (e.g., DISA STIGs, CIS).
  • Draft and update security-related documentation including SOPs, incident response plans, and security test procedures.
  • Serve as a subject matter expert to stakeholders on RMF best practices, ATO sustainment, and security documentation management.
  • All other duties as assigned by management.

Skills / Qualifications :

  • Advanced knowledge of NIST RMF, NIST SP 800-37, 800-53, DHS 4300A, and FISMA compliance.
  • Experience preparing and maintaining RMF ATO documentation and conducting system assessments.
  • Familiarity with Security Information and Event Management (SIEM) platforms for log analysis and incident monitoring.
  • Proficient in evaluating and documenting security configurations and technical implementations for federal systems.
  • Strong understanding of cybersecurity audit workflows, control testing, and risk-based prioritization of vulnerabilities.
  • Excellent writing and communication skills, capable of producing technical documentation and executive summaries.
  • Experience in Agile or DevSecOps environments, with a strong understanding of security integration within CI / CD pipelines.

    • Education / Experience Requirements :

  • Bachelor's or Associate's degree in Computer Science, Math, Information Technology, Engineering, or related field. Two (2) years of directly relevant experience may substitute for one (1) year of formal education.
  • Minimum of five (5) years of experience in Information security with auditing and IT controls design experience.
  • Minimum of five (5) years of experience with Security Information and Event Management (SIEM).
  • Minimum of five (5) years of experience in the risk management framework.
  • Hands-on experience with Active Directory, Windows / UNIX systems, and relational databases in secure environments.
  • Previous support of federal government enterprise systems or DHS / DOD programs is strongly preferred.

    • Clearance :

  • U.S. citizenship required
  • Must have an active DoD Secret Clearance.

    • Certification Requirement

  • CompTIA Security+
  • Additional certifications (Network+, AWS Certified Cloud Practitioner, Microsoft Azure Fundamentals, Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), ITIL Foundation, TOGAF, or other cybersecurity architecture certifications) are a plus.

    • Work Location :

  • Elizabeth City, NC - Hybrid
  • North Carolina Region - Must be able to go on-site at least three days a week

    • Oasys is proud to be an equal opportunity employer for all protected groups, including protected veterans and individuals with disabilities.

    Crear una alerta de empleo para esta búsqueda

    Sr Security Analyst • Charlotte, NC, United States

    Ofertas relacionadas
    • Oferta promocionada
    Compliance Analyst, Specialist

    Compliance Analyst, Specialist

    VanguardCharlotte, NC, US
    A tiempo completo
    Are you excited by the opportunity to help shape something new, while being supported by a team of experienced peers? Vanguard's Cash+ Program is a first-of-its-kind offer, and we're looking for a ...Mostrar másÚltima actualización: hace más de 30 días
    • Oferta promocionada
    Stratascale Associate Security Analyst - Operations

    Stratascale Associate Security Analyst - Operations

    SHI GmbHCharlotte, NC, United States
    A tiempo completo
    As a digital and cybersecurity services company, Stratascale exists to help the Fortune 1000 transform the way they use technology to advance the business, generate revenue, and respond quickly to ...Mostrar másÚltima actualización: hace más de 30 días
    • Oferta promocionada
    Oracle ERP Security & Controls Senior Associate

    Oracle ERP Security & Controls Senior Associate

    RSM US LLPCharlotte, NC, United States
    A tiempo completo
    We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their ful...Mostrar másÚltima actualización: hace 5 días
    • Oferta promocionada
    Sr Analyst Client Teams

    Sr Analyst Client Teams

    Advantage Sales and MarketingMatthews, NC, US
    A tiempo completo
    The Senior Analyst, Client Teams will have the unique opportunity of serving as the strategic support for the Client Team Leaders. This role will assist the team by brainstorming, tracking, and quan...Mostrar másÚltima actualización: hace 28 días
    • Oferta promocionada
    • Nueva oferta
    Lead Security Architect

    Lead Security Architect

    TradeJobsWorkForceDallas, NC, United States
    A tiempo completo
    Are you an experienced security professional looking to take the next step in your career? As a Lead Security Architect, you will play a pivotal role in enhancing our security team's effectiveness ...Mostrar másÚltima actualización: hace 3 horas
    Risk Mgmt Analyst I

    Risk Mgmt Analyst I

    AgSouth Farm CreditUSA, North Carolina, Statesville
    A tiempo completo
    We are seeking a Risk Management Analyst to join our Farm Credit family! This position primarily supports the Enterprise Risk Management (ERM) framework while establishing and executing risk mitiga...Mostrar másÚltima actualización: hace 2 días
    • Oferta promocionada
    SAP Platform Security Manager / Senior Manager - Location Negotiable

    SAP Platform Security Manager / Senior Manager - Location Negotiable

    AccentureCharlotte, NC, United States
    A tiempo completo
    We are a global collective of innovators applying the New every day to improve the way the world works and lives.Help us show the world what’s possible as you partner with clients to unlock hidden ...Mostrar másÚltima actualización: hace 5 días
    • Oferta promocionada
    Sr Analyst, Global Internal Controls

    Sr Analyst, Global Internal Controls

    Dentsply SironaCharlotte, NC, US
    A tiempo completo
    Sr Analyst Global Internal Controls.The Sr Analyst Global Internal Controls is part of the Global Internal Controls team reporting to the Global Internal Controls Senior Manager.Responsible for ens...Mostrar másÚltima actualización: hace 1 día
    • Oferta promocionada
    Senior Analyst, Audit and Compliance

    Senior Analyst, Audit and Compliance

    XPOCharlotte, NC, US
    A tiempo completo
    What you’ll need to succeed as a Senior Analyst, Audit and Compliance at XPO Minimum qualifications : Bachelor's degree or equivalent related work or military experience 2 years of relevant experien...Mostrar másÚltima actualización: hace 1 día
    • Oferta promocionada
    Oracle ERP Security & Controls Senior Associate

    Oracle ERP Security & Controls Senior Associate

    RSM GlobalCharlotte, NC, United States
    A tiempo completo
    We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their ful...Mostrar másÚltima actualización: hace 5 días
    • Oferta promocionada
    Audit Senior Alert

    Audit Senior Alert

    GPACGastonia, NC, US
    A tiempo completo
    An excellent CPA firm is seeking a Senior Auditor for their team.This stable and growing firm offers clients valuable knowledge and expertise in tax. Due to the recent growth of the firm, there is a...Mostrar másÚltima actualización: hace 1 día
    • Oferta promocionada
    Military Intelligence

    Military Intelligence

    NavyStallings, NC, United States
    A tiempo completo
    ABOUT Effective, secure communication in the cyber domain is essential to the everyday operations of military intelligence in America’s Navy. Information Professionals who oversee the seamless opera...Mostrar másÚltima actualización: hace 3 días
    • Oferta promocionada
    Principal Auditor - Cyber, Risk and Analysis Technology Audit

    Principal Auditor - Cyber, Risk and Analysis Technology Audit

    Capital OneCharlotte, NC, US
    A tiempo completo +1
    Principal Auditor - Cyber, Risk and Analysis Technology Audit.Capital One's Audit function is a dedicated group of professionals focused on delivering top-quality assurance services to the organiza...Mostrar másÚltima actualización: hace 15 días
    • Oferta promocionada
    Senior Internal Audit Analyst

    Senior Internal Audit Analyst

    AlbemarleCharlotte, NC, US
    A tiempo completo
    Be An Essential Element To A Brighter Future.We work together to transform essential resources into critical ingredients for mobility, energy, connectivity and health. Join our values-led organizati...Mostrar másÚltima actualización: hace más de 30 días
    • Oferta promocionada
    • Nueva oferta
    Principal Security Solutions Architect

    Principal Security Solutions Architect

    Dexian - DISYSYork, SC, US
    A tiempo completo
    Dexian has been engaged to find a.Principal Security Solutions Architect.This role is critical to maintaining the integrity and security of information systems and will involve close collaboration ...Mostrar másÚltima actualización: hace 22 horas
    • Oferta promocionada
    Manager, Application Security

    Manager, Application Security

    VanguardCharlotte, NC, United States
    A tiempo completo
    The Security Manager must set high-level strategy and direction for secure software development and supply chain practices, while establishing clear expectations, goals, and success metrics.This ro...Mostrar másÚltima actualización: hace 4 días
    • Oferta promocionada
    Risk Consulting Manager - AML Validation

    Risk Consulting Manager - AML Validation

    RSMCharlotte, NC, US
    A tiempo completo
    RSM is seeking a dynamic Manager to join our Risk Consulting practice and specifically support financial crimes compliance model engagements for our Financial Services clients.This role is ideal fo...Mostrar másÚltima actualización: hace más de 30 días
    • Oferta promocionada
    Senior Security Architect

    Senior Security Architect

    TradeJobsWorkForce28034 Dallas, NC, US
    A tiempo completo
    Senior Security Architect Job Duties : Enhances security team accomplishments and competence by planning deliver...Mostrar másÚltima actualización: hace más de 30 días
    • Oferta promocionada
    Security Architect

    Security Architect

    TalentBridgeFort Mill, SC, United States
    A tiempo completo
    We are seeking an exceptional Security Architect to support project initiatives across M&As, Data, Cloud, and On-Prem security architectures. The Security Architect will collaborate closely with Dev...Mostrar másÚltima actualización: hace 5 días
    • Oferta promocionada
    Sr. Audit Manager

    Sr. Audit Manager

    AIGCharlotte, NC, US
    A tiempo completo
    American International Group, Inc.AIG) is a leading global insurance organization.Founded in 1919, today AIG member companies provide a wide range of property casualty insurance, life insurance, re...Mostrar másÚltima actualización: hace más de 30 días