What is the role of a Cybersecurity Analyst at Improvix Technologies?

The Cybersecurity Analyst position at Improvix Technologies is a Full-time or part-time position opportunity in the Information Technology field.

Where is this Cybersecurity Analyst job located?

Washington, District of Columbia, 20451, United States

What type of employment is offered for this Cybersecurity Analyst role?

Full-time or part-time position

What is the expected salary for this Cybersecurity Analyst job?

$100,000 – $200,000 Yearly Salary

How can I apply for the Cybersecurity Analyst position at Improvix Technologies?

You can apply directly through the application link provided.

Cybersecurity Analyst at Improvix Technologies

Cybersecurity Analyst

📍 Location: Washington, DC (Onsite – 5 Days/Week)
🔒 Clearance: Active Secret required (Top Secret eligible)
💼 Type: Full-Time

About the Role

We are seeking a Cybersecurity Analyst with strong experience in ATO and RMF compliance to support a high-volume federal cybersecurity program.

This role is heavily focused on leading Authorization to Operate (ATO) efforts from start to finish—owning documentation, coordinating stakeholders, and guiding systems through assessment and authorization with minimal to no hand-holding.

The ideal candidate combines deep compliance expertise with enough technical understanding of cloud and infrastructure (Azure/AWS) to confidently engage engineers, assessors, and senior leadership.

Key Responsibilities

ATO Ownership (End-to-End)

Lead systems through the full ATO lifecycle using NIST Risk Management Framework
Independently manage ATO packages from initiation through authorization
Develop and maintain:
- System Security Plans (SSPs)
- Security Assessment Reports (SARs)
- Plans of Action & Milestones (POA&Ms)
Write detailed control implementation statements aligned to NIST SP 800-53 Rev. 5
Prepare for and support assessment boards and authorization reviews

NIST Rev. 5 & Control Implementation

Apply and interpret NIST 800-53 Rev. 5 controls and baselines
Support migration of systems from older control baselines to Rev. 5
Collect, validate, and organize artifacts required for control implementation
Justify control implementations to assessors and review boards

Cloud Compliance (Azure & AWS)

Support ATO efforts for systems deployed in:
- Microsoft Azure
- Amazon Web Services (AWS)
Understand cloud architecture, services, and data flows well enough to:
- Document systems accurately
- Translate technical configurations into compliance language
Partner with engineers to align cloud implementations with compliance requirements
(Note: This is not a hands-on engineering role, but requires strong technical fluency.)

Stakeholder Engagement

Interface directly with:
- System Engineers & Architects
- ISSOs / Security Teams
- Authorizing Officials (AOs)
- Senior leadership (CIO-level stakeholders)
Clearly communicate requirements, gaps, and remediation actions
Lead discussions during assessments and audits

Audit, Risk & Continuous Monitoring

Support audits, data calls, and compliance reviews
Identify risks, gaps, and remediation actions
Track and manage POA&Ms to closure
Contribute to continuous monitoring (ConMon) activities
Support related efforts such as privacy compliance when needed

Tools & Environment

Primary GRC Tool: Archangel (preferred)
Familiarity with tools such as eMASS or Xacta (legacy experience acceptable)
Exposure to SIEM tools such as Splunk is a plus

Required Qualifications

5+ years of experience in cybersecurity compliance / RMF / ATO support
(Strong candidates with slightly less experience may be considered)
Proven ability to lead ATOs independently from start to finish
Hands-on experience with:
- NIST Risk Management Framework
- NIST SP 800-53 Rev. 5
Experience writing implementation statements and ATO documentation
Strong understanding of cloud environments (Azure and/or AWS)
Ability to communicate effectively with both technical and executive stakeholders
Experience working in federal or government environments

Preferred Qualifications

Experience with FedRAMP, CIS benchmarks, or similar frameworks
Familiarity with Archangel
Exposure to SIEM tools (e.g., Splunk)
Experience supporting high-volume ATO pipelines / multiple concurrent systems

Certifications (Preferred, Not Required)

CISSP (highly desirable)
CAP
CISM
Security+ (baseline)

What Success Looks Like

Independently drives multiple systems through ATO with minimal oversight
Produces high-quality, audit-ready documentation
Confidently defends control implementations to assessors
Effectively bridges communication between engineers and compliance stakeholders
Keeps pace with high workload and multiple concurrent ATO efforts

Ideal Candidate Profile

Self-sufficient (“no hand-holding”) and proactive
Strong communicator who can engage senior stakeholders
Comfortable shifting between ATO work, audits, data calls, and privacy tasks
Technically fluent in cloud environments without being a hands-on engineer

Cybersecurity Analyst at Improvix Technologies – Washington, District of Columbia

Explore Related Opportunities

About This Position

Scan to Apply

Job Location

Frequently asked questions about this position

Similar Jobs In Washington, District of Columbia

Senior Cyber Security Analyst (TS Clearance with SCI Eligibility)

Cyber Analyst (TS Clearance with SCI Eligibility)

Cybersecurity Associate Intern

NCIS Cyber Security Analyst | Active TS/SCI clearance

Functional Site Assesor (VA EHRM)

Apply NowYour application goes straight to the hiring team

More Jobs Like This

Senior ISSO

Sustainment Reporting and Analytics Consultant

SOC Cyber Security Analyst - Secret Clearance Required

Cyber Workforce Analyst

Cyber Technical Analyst - TS/SCI w/Polygraph