Cybersecurity Analyst

Description & Requirements

Maximus is seeking a Cybersecurity Analyst to support a federal client in maintaining compliance and strengthening the security posture of mission-critical systems.

As part of our dedicated team, the Security Compliance Analyst will ensure adherence to government security requirements, manage Plans of Action and Milestones (POA&Ms), and support ongoing risk and vulnerability management activities vital to safeguarding critical systems and data in defense of our Homeland.

This is an on-site position that requires an active Secret Security Clearance.

Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS033, T3, Band 6

Job-Specific Essential Duties and Responsibilities:



* Serve as the primary point of contact for security compliance activities, collaborating with stakeholders to track and resolve security concerns.


* Manage and maintain POA&Ms, ensuring timely remediation of findings and alignment with government and contract requirements.


* Support vulnerability management efforts, including running security scans and reviewing scan results, tracking remediation activities, and verifying closure of findings.


* Conduct risk management activities including risk assessments, risk analysis, and documentation of risk mitigation strategies.


* Conduct compliance reviews to ensure systems adhere to federal regulations, contract requirements, and applicable frameworks (e.g., NIST 800-53, RMF).


* Assist in preparing and maintaining security documentation, including System Security Plans (SSPs), assessment reports, and risk analyses.


* Collaborate with technical teams across disciplines to validate security controls, provide compliance guidance, and ensure mission success.


* Participate in incident response and after-action reviews, documenting lessons learned and compliance impacts.


* Develop and deliver compliance reports and metrics for leadership, federal stakeholders, and auditors.


* Contribute to security awareness and training initiatives to promote compliance across operational teams.

Job-Specific Minimum Requirements:



* Candidates must have an active Secret Security Clearance.


* Due to contract requirements, only US Citizens can be considered.

Candidates with dual citizenship cannot be considered.


* 7+ years of experience in security compliance, vulnerability management, or related cybersecurity field.


* 4+ years of experience with:



* Managing and tracking POA&Ms within government contracting environments.


* Federal security frameworks, policies, and requirements (e.g., FISMA, NIST RMF).


* Vulnerability management processes and tools.


* Risk management activities, including conducting risk assessments and risk analysis.


* Collaboration with technical teams to address findings and implement compliance solutions.

Strong written and verbal communication skills with the ability to prepare compli...