Remote FedRAMP Technical Systems Assessment Analyst

INFT Solutions Inc


Job Location:

Washington, AR - USA

Monthly Salary: Not Disclosed
Posted on: 6 hours ago
Vacancies: 1 Vacancy

Job Summary

Title: FedRAMP Technical Systems Assessment Analyst

Location: REMOTE

Clearance: Able to get clearance.
About the Role
The FedRAMP Technical ISSO / Systems Assessment Analyst is a mid level member of the FedRAMP
assessment team responsible for reviewing cloud service providers (CSPs) and vendor systems for
compliance with FedRAMP and federal security requirements. This role combines strong technical
security expertise with practical FedRAMP compliance experience focusing on vendor system
assessments authorization support and continuous monitoring activities.
The position performs detailed technical reviews of system architectures and security controls
works directly with vendors to identify and remediate gaps and supports authorization decisions.

Key Responsibilities

Technical Security & FedRAMP Assessment
Conduct detailed technical and architecture reviews of vendor cloud solutions including
infrastructure platform and application components.
Assess and document implementation of security controls including encryption at rest and in
transit identity and authentication mechanisms (including MFA) session management logging
vulnerability management and configuration baselines.
Lead technical discussions and screen sharing sessions with vendors to fully understand system
architectures data flows and control implementations.
Review vulnerability scan results and penetration testing reports and validate remediation actions.
Review Third Party Assessment Official (3PAO) Penetration Test reports and Red Team exercises.
Perform detailed reviews of FedRAMP authorization artifacts including SSPs SARs POA&Ms
incident response plans contingency plans and system architecture diagrams.
Evaluate vendor compliance with NIST SP 800 53 NIST SP 800-171 and FedRAMP requirements.

Authorization Compliance & Continuous Monitoring
Support initial FedRAMP assessments Authorizations to Operate (ATOs) reauthorizations and
ongoing continuous monitoring activities.
Ensure FedRAMP security packages are accurate complete and aligned with current FedRAMP
templates and guidance.
Track POA&M items remediation timelines and compliance risks and provide status updates to
stakeholders.
Review recurring CSP deliverables to ensure continued compliance with FedRAMP requirements.
Assess cybersecurity supply chain and third party risks within FedRAMP packages and support
mitigation efforts.

ISSO & Stakeholder Coordination
Serve as the ISSO for assigned systems ensuring compliance with FISMA OMB FedRAMP and GSA
security policies.
Collaborate with IT security privacy and business stakeholders to validate security controls and
resolve identified gaps.
Assist with the development and maintenance of security documentation and internal guidance
related to FedRAMP and system authorization.

Stay current on FedRAMP updates NIST guidance and cybersecurity best practices and apply
changes to assessment activities.
Provide security guidance and promote awareness to vendors and internal teams as needed.

Required Qualifications & Education
Bachelors degree in Computer Science Information Systems Engineering or a related field (or
equivalent experience).
4-6 years of experience in cybersecurity information security or information assurance.
At least 2 years of experience supporting NIST SPbased Risk Management Framework
(RMF) or Assessment & Authorization (A&A) activities.
Experience as an ISSO Security Engineer Security Control Assessor (SCA) or similar role reviewing
system architectures and security controls.
Experience supporting FedRAMP assessments authorization packages continuous monitoring and
compliance activities.
One or more industry certifications such as CISSP CISM CISA CCSP or CGRC.
Strong knowledge of FedRAMP NIST SP 800-53 NIST SP 800-171 RMF FISMA vulnerability
management and third-party security assessments.
Hands-on cloud security engineering experience in AWS Azure and/or Google Cloud Platform
(GCP) including implementing and assessing cloud security controls.
Strong understanding of cloud security principles including encryption key management cloud
storage security (e.g. Amazon S3) and cloud-native security services.
Experience evaluating vendor security architectures guiding remediation efforts and ensuring
solutions meet FedRAMP and federal security requirements.
Ability to assess security configurations and provide technical guidance to engineering teams and
vendors.
Excellent written and verbal communication skills with the ability to communicate effectively with
both technical and non-technical stakeholders.

Clearance and Location Requirements:
Able to be cleared for a Public Trust clearance.


Required Skills:

Cybersecurity

Title: FedRAMP Technical Systems Assessment AnalystLocation: REMOTEClearance: Able to get clearance.About the RoleThe FedRAMP Technical ISSO / Systems Assessment Analyst is a mid level member of the FedRAMPassessment team responsible for reviewing cloud service providers (CSPs) and vendor systems fo...