Compliance/Risk Analyst

Job Summary

Knowledge Consulting Group
Washington, DC 20001
Computer/IT Services
Job Type
Full Time
Years of Experience
5+ to 7 Years
Education Level
Bachelor's Degree
Career Level
Experienced (Non-Manager)
Job Reference Code

Compliance/Risk Analyst

About the Job

Knowledge Consulting Group was recently acquired by ManTech International! For more than 40 years, ManTech employees have been solving complex problems for the national security community. We are comprised of approximately 10,000 talented employees around the world. We adhere to the simple, no-nonsense values on which ManTech was founded more than four decades ago, aligning squarely with the mission objectives of our customers. As our customer base continues to expand and diversify, we continue to diversify our workforce and solutions. Half our employees have a military background, and more than 70 percent hold a government security clearance. As a leading provider of innovative technology services and solutions for the nation's defense, security, space, and intelligence communities, we hold nearly 1,000 active contracts with more than 40 different government agencies.

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Secret clearance is required with the ability to get DHS EOD 



•   Develop, update and maintain appropriate Security Authorization (SA) packages based on NIST standards for general support systems and major applications to include development of final ATO package and ATO recommendation

•   Recommend appropriate FIPS 199 impact level designations and identify appropriate security controls based on characterization of the general support system or major application

•   Develop and/or maintain POA&Ms for all accepted risks upon completion of system SCA, including the utilization of waivers/exceptions where appropriate

•   Schedule and conduct security assessments of systems to determine compliance with applicable security controls and standards, including:

    •   Conduct interviews of key system personnel

    •   Review security documentation to ensure completeness and accuracy of control documentation

    •   Compile and analyze scan results for weaknesses and vulnerabilities

    •   Develop security assessment reports.

•   Integrate with a team of skilled information technology security professionals demonstrating competence in the application of the security authorization guidelines and procedures

•   Communicate and present to stakeholders on the FISMA compliance status of your assigned systems

•   Work with the FISMA Tool IACS/Xacta to develop SA related documentation and track POA&M and vulnerability status.



Must possess 2 years dedicated information assurance / cyber security experience.    B.S. Degree in a related field is required but may be substituted with four (4) additional years of professional Information Assurance experience.  CISSP or CISA preferred.

Ability to and interest in providing support and guidance to System Owners through the six phases of the Risk Management Framework (NIST 800-37) and monitoring of Security Authorization (SA) artifact compliance, annual self-assessment (NIST 800-53A) completion, vulnerability scans, annual contingency plan testing, POA&M management and continuous monitoring. Must possess experience with FISMA and understand FISMA requirements. DHS FISMA related requirements experience a plus.

•   Ability to work effectively in a team management environment and participate in collaborative initiatives which foster the mutual exchange of knowledge and expertise.

•   Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.

•   Ability to communicate effectively orally and in writing to build and maintain customer satisfaction and express conclusions and recommendations in a clear, technically sound manner on matters associated with IT security.

•   Experience with developing Security Controls Assessment (SCA) schedules, Security Assessment Plans and analyzing the results of SCA activities to evaluate the existence and effectiveness of 800-53 security controls and developing the Security Assessment Report

•   Be prepared to provide security-related guidance on business processes, emerging technologies/development and acquisitions and vulnerability assessments and mitigation approaches.

•   Experienced and capable in providing IA/security consulting services to enable the client to move past traditional C&A/SA approaches to an environment of ongoing authorization and continuous monitoring based on sound risk management practices


Strong verbal and written communication skills are highly preferred.  It is highly desired that candidates possess strong interpersonal skills.  Candidates must be fluent in the English language. 

Candidates may be asked to provide a writing sample. If interested in the position, please apply directly through our website:


If you have questions or have trouble applying, you may contact:  katie.hanson@mantech.com.


