
US Public Sector Continuous Monitoring Analyst
Posted May 7

This is a fully remote position, open to applicants in Maryland.
• Assist in the ongoing monitoring (ConMon) efforts for Rapid7’s compliance programs within the US Public Sector, primarily concentrating on FedRAMP and GovRAMP.
• Aid in the management of Plans of Action & Milestones (POA&Ms), which includes tracking remediation progress, timelines, and ownership of risks.
• Collaborate with Engineering and Security teams to analyze security findings, vulnerability results, and control weaknesses.
• Support the collection of technical evidence in accordance with NIST 800-53 rev. 5 and NIST 800-171 standards.
• Utilize ATO-focused GRC platforms such as Paramify, ServiceNow GRC, Onspring, RegScale, and DefectDojo to monitor findings, risks, and compliance status.
• Engage in discussions with engineers to comprehend control implementations, technical risks, and remediation strategies.
• Assist in the preparation of ConMon deliverables, including the POA&M, deviation requests, and the inventory workbook.
• Contribute to enhancing POA&M and ConMon processes through standardization, automation, and improved data quality.
• Acquire practical experience with evolving requirements such as CMMC, new Executive Orders, and other cybersecurity initiatives in the US public sector.
• 2-5 years of experience (or equivalent academic/internship experience) in the fields of cybersecurity, cloud security, compliance, or risk management.
• Foundational understanding of NIST 800-53 and/or NIST 800-171.
• Interest in areas such as vulnerability management, risk remediation, and continuous monitoring.
• Experience or familiarity with ATO-focused GRC platforms including Paramify, ServiceNow GRC, Onspring, or RegScale.
• Capability to understand and document technical security issues and associated risks.
• Strong analytical abilities and a keen attention to detail.
• Excellent written and verbal communication skills.
• A curious and collaborative mindset, paired with a strong desire to learn.
• Opportunities for professional development and growth.
• Collaborative work environment with a focus on innovation.
• Comprehensive health benefits package.
• Flexible work arrangements to support work-life balance.