SME Information Security Analyst

GovCIO is currently hiring a highly experienced SME Information Security Analyst to support critical cybersecurity compliance and risk management activities for the U.S. Coast Guard (USCG). This technical role focuses on ensuring enterprise systems strictly adhere to federal, Department of Homeland Security (DHS), and military security standards throughout their lifecycle. This position will be located in Alexandria, VA, and will be a hybrid position.

The SME Information Security Analyst will serve as the principal cybersecurity authority for system authorization and data governance compliance. Core responsibilities include:

• Lead the comprehensive execution of the Risk Management Framework (RMF) to achieve and maintain Authority to Operate (ATO).
• Author, review, and update comprehensive security authorization packages in strict compliance with DHS 4300A policies.
• Manage and orchestrate end-to-end security control assessments, continuous monitoring strategies, and Plan of Action and Milestones (POA&M).
• Conduct technical vulnerability reviews, risk assessments, and compliance audits on complex enterprise systems and network architectures.
• Oversee data governance workflows, asset cataloging, and metadata management strategies to ensure data integrity and security compliance.
• Coordinate directly with Authorizing Officials (AO), technical engineers, and stakeholders to resolve high-priority security vulnerabilities.
• Proactively identify architectural compliance risks during system modernization and design targeted remediation or mitigation strategies.
• Develop and maintain comprehensive cybersecurity documentation, system security plans (SSPs), and incident response protocols.

High School with 10+ years (or commensurate experience)

Required Skills & Experience 

• Certifications: DoD 8570 IAM Level II or III (e.g., CISSP, CISM, CAP / ISC2 Certified in Cybersecurity and Infrastructure Security).
• Deep technical understanding and hands-on experience applying DHS 4300A Sensitive Systems Policy directives.
• Proven mastery of the NIST Risk Management Framework (SP 800-37) and NIST SP 800-53 security controls.
• Demonstrated experience leading complex IT systems through the complete assessment and authorization (A&A) lifecycle.

Clearance Level: Must have an active Secret clearance  

Preferred Skills & Experience 

• Prior experience supporting U.S. Coast Guard (USCG) or Department of Homeland Security (DHS) cybersecurity programs.
• Direct hands-on experience utilizing Collibra for data governance, data cataloging, and compliance tracking.
• Familiarity with automated compliance tools such as Xacta, Archer, or DHS-specific risk management repositories.
• Understanding of cloud security architectures (FedRAMP), modern network protocols, and hybrid enterprise environments. 

          #JP #DICE #USCG