Program Analyst

Signature Performance, Inc.

About The Position

Plan, manage, and track system Authorization to Operate (ATO) packages, including documentation, control validation, and renewal cycles. Coordinate security assessments and audits through engagement with internal and external stakeholders, including 3PAOs and federal partners. Maintain and update the organization's security policies, procedures, and system security documentation to stay aligned with current regulations and frameworks. Monitor, assess, and report on control effectiveness; develop dashboards and metrics to communicate overall compliance posture. Oversee submission and maintenance of continuous monitoring evidence for assigned systems. Support assessments against NIST-based requirements (e.g., NIST 800-53, NIST CSF) and related programs such as FedRAMP, FISMA, or HIPAA. Translate technical and policy requirements into actionable plans, ensuring timely remediation and risk reduction. Contribute to the improvement of compliance workflows, leveraging GRC tools to automate and track activities. Serve as a liaison with IT, security operations, privacy, and business units to ensure cohesive governance and communication of audit results and policy updates

Requirements

Eligibility for a NACLC DoD Security Clearance.
Bachelor's degree in Information Systems, Cybersecurity, Computer Science, or relevant field (or equivalent professional experience).
3--5 years of experience supporting cybersecurity, compliance, or audit programs within a federal agency, contractor, or 3PAO environment.
Demonstrated project management ability, including scheduling, documentation control, and milestone tracking.
Working knowledge of NIST frameworks and the ATO lifecycle.
Familiarity with Governance, Risk, and Compliance (GRC) tools such as Onspring, Archer, or ServiceNow.
Strong analytical and written communication skills, with the ability to distill complex compliance information for a broad audience.
U.S. Citizenship or naturalized citizenship is required for this position.
All work on all positions at Signature Performance must be completed in the continental United States, Alaska, or Hawaii.

Nice To Haves

Experience managing system security plans (SSPs), risk assessment reports (RARs), and plans of action and milestones (POA&Ms).
Exposure to FedRAMP, FISMA, or DoD RMF assessment requirements.
CAP, PMP, or comparable certification in security or project management preferred.

Responsibilities

Plan, manage, and track system Authorization to Operate (ATO) packages, including documentation, control validation, and renewal cycles.
Coordinate security assessments and audits through engagement with internal and external stakeholders, including 3PAOs and federal partners.
Maintain and update the organization's security policies, procedures, and system security documentation to stay aligned with current regulations and frameworks.
Monitor, assess, and report on control effectiveness; develop dashboards and metrics to communicate overall compliance posture.
Oversee submission and maintenance of continuous monitoring evidence for assigned systems.
Support assessments against NIST-based requirements (e.g., NIST 800-53, NIST CSF) and related programs such as FedRAMP, FISMA, or HIPAA.
Translate technical and policy requirements into actionable plans, ensuring timely remediation and risk reduction.
Contribute to the improvement of compliance workflows, leveraging GRC tools to automate and track activities.
Serve as a liaison with IT, security operations, privacy, and business units to ensure cohesive governance and communication of audit results and policy updates