Apply Edge Start your job search

Risk Analyst

TechPerm Incorporated · Washington DC-Baltimore Area

Apply & track with Apply Edge
Risk Analyst – NIST SMELocation: Baltimore Washington Metroplex, MDClearance: Public TrustPosition Overview:The Risk Analyst supports federal information security, compliance, and governance activities across systems operating within the Baltimore MD metroplex. The role requires strong NIST experience as well RMF, NIST SP 800 53, and federal security standards to evaluate risks, strengthen control environments, and maintain compliance for Public Trust–sensitive systems.Core Responsibilities:• Perform risk assessments aligned with NIST RMF, NIST SP 800 53, FISMA, and agency specific requirements.• Evaluate, document, and validate security controls across federal information systems.• Develop and maintain A&A documentation including SSPs, SARs, RARs, and POA&Ms.• Conduct continuous monitoring: vulnerability review, control testing, compliance tracking, and remediation validation.• Analyze threats, vulnerabilities, and residual risks; recommend mitigation strategies.• Support audit readiness and respond to internal/external audit findings.• Coordinate with engineering, ISSO, and program teams to ensure security requirements are integrated into system changes.• Maintain documentation and reporting required for Public Trust suitability.• Prepare risk dashboards, metrics, and executive level summaries.Required Qualifications:• Active or eligible Public Trust clearance.• 3–7 years of experience in cybersecurity, risk management, or federal compliance.• Strong working knowledge of NIST RMF, NIST SP 800 53, FIPS, and federal governance.• Experience with A&A packages, POA&Ms, and continuous monitoring.• Familiarity with eMASS, Archer, ServiceNow GRC, or similar.• Strong analytical, documentation, and communication skills.Preferred Qualifications:• Experience supporting federal agencies in the Baltimore/Washington corridor.• Certifications: Security+, CAP, CISA, CISM.• Knowledge of FedRAMP, NIST 800 171, Zero Trust, and cloud security frameworks.• Experience with vulnerability management tools (Tenable, Qualys, Rapid7).Role Impact:The Risk Analyst ensures federal systems remain secure, compliant, and resilient—protecting sensitive data, supporting mission critical operations, and strengthening risk posture across Public Trust environments.