Project Manager/ Information Security Analyst

Wood River Federal•Washington, DC

3d•Onsite

About The Position

We are seeking an experienced Information Security Analyst III to support the USCIS Information Security Division, Risk Management Branch in executing cybersecurity, continuous monitoring, compliance, internal control testing, automation, and risk management activities under CMASS. This role supports the delivery of agile security services designed to improve cybersecurity posture, strengthen compliance, enhance automation, and help USCIS manage risk across its enterprise systems and processes.

Requirements

Bachelor’s degree.
Five or more years of related information security, cybersecurity, or security operations experience.
Strong working knowledge of security compliance, risk management, continuous monitoring, and internal control testing.
Experience reviewing documentation, analyzing controls, supporting remediation, and maintaining security program records.
Ability to work independently and collaboratively in a federal cybersecurity support environment.

Nice To Haves

Active cybersecurity certification such as CISSP, CASP, GSEC, GSLC, CEH, CISM, or CISA.
Experience supporting NIST 800-53 controls, FISMA, DHS policy compliance, POA&M processes, and enterprise cybersecurity reporting.
Experience with Splunk, UI Path, Swimlane, SharePoint workflows, and related automation or reporting tools.
Experience developing or supporting ISSO training content and delivery.

Responsibilities

Support continuous process improvement by identifying opportunities to improve efficiency, standardize processes, and enhance knowledge management.
Develop, update, and maintain SOPs, playbooks, and supporting documentation for the Risk Management Program.
Support automation and focused development efforts, including maintenance and evolution of tools such as Splunk dashboards, RPA workflows, and related integrations.
Help establish and maintain integration methods among automation tools and authoritative data sources.
Develop alerts, notifications, and workflow support for continuous monitoring and internal control testing activities.
Provide subject matter support for high-priority and time-sensitive tasks, including risk analyses, document reviews, remediation support, policy updates, and data calls.
Monitor changes to NIST guidance, DHS policy, and FISMA metrics and help assess impacts to program compliance and reporting.
Conduct system reviews and support ongoing visibility into the security posture of systems within the USCIS portfolio.
Review and manage system security personnel lists, security authorization documentation, privacy documentation, and related compliance records.
Review control selections and testing artifacts for security authorization packages.
Support audit readiness and responses to internal and external audit requests.
Assist with internal control assessments, risk assessments, POA&M support, cyber hygiene reporting, information security agreements, SharePoint/ECN workflow support, and FISMA inventory updates.
Support development and delivery of ISSO onboarding, refresher, and specialized training materials.