MEDSTAR HEALTH
Senior Compliance and Audit Analyst
MEDSTAR HEALTH, Gwynn Oak, Maryland, United States, 21207
Job Details
Job Location: Windsor Mill, MD
Remote Type: Fully Remote
Position Type: Full Time
Education Level: 4 Year Degree
Description
About Us: At RELI Group, our work is grounded in purpose. We partner with government agencies to solve complex challenges, improve public health, strengthen national security, and make government services more effective and efficient. Our team of over 500 professionals brings deep expertise and a shared commitment to delivering meaningful outcomes. Behind every solution is a group of experts who care deeply about impact, whether we're supporting data-driven decisions, modernizing systems or safeguarding critical programs.
Before applying for this role, please read the following information about this opportunity found below.
Position Summary:
RELI Group is seeking an experienced Senior Compliance and Audit Analyst to lead compliance, assessment, and audit readiness activities under Task 8 of the Information Security and Privacy Services (ISPS), part of the Marketplace System Security and Privacy Support Services (MSSPSS) contract. The Senior Analyst will ensure ACA and NST systems achieve and maintain compliance with federal cybersecurity standards, including CMS ARS 5.0, FISMA, NIST 800-53, and FedRAMP. This position involves close coordination with CMS stakeholders, ISSOs, ATO teams, and auditors to deliver audit evidence, resolve POA&Ms, and enhance the security compliance posture of CMS systems.
Responsibilities:
Lead compliance and audit activities for CMS systems, ensuring alignment with ARS 5.0, NIST 800-53, FISMA, and FedRAMP
Serve as a primary point of contact for internal and external audits, coordinating with system owners, ISSOs, and CMS stakeholders
Develop and manage audit response plans, evidence repositories, and compliance reporting schedules
Review and validate control implementations and ensure supporting documentation is audit-ready
Develop corrective action plans for findings and track POA&M items to closure
Contribute to security assessments, continuous monitoring, and ATO maintenance activities
Recommend improvements to security policies, procedures, and compliance workflows
Mentor junior analysts and ensure quality assurance of compliance deliverables
Qualifications:
Bachelor's degree in Cybersecurity, Information Assurance, or related technical field
7+ years of experience supporting IT compliance, audit, or security assessments in a federal environment
Deep knowledge of NIST 800-53, NIST 800-37, FISMA, CMS ARS 5.0, and RMF practices
Experience managing security audits, preparing documentation, and interacting directly with auditors
Strong attention to detail, technical writing skills, and ability to lead multiple concurrent compliance efforts
Demonstrated success mentoring teams and improving security compliance frameworks
Preferred Qualifications:
Experience supporting CMS, CCIIO, or HHS IT programs
Familiarity with eMASS, ServiceNow GRC, or audit tracking platforms
Certifications such as CISA, CISSP, CGRC (CAP), or Security+
Experience working with federal IG, 3PAO, or OMB audit groups
Strong understanding of FedRAMP authorization and cloud security audits
EEO Employer:
RELI Group is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.
HUBZone:
We encourage all candidates who live in a HUBZone to apply. You can check to see if your address is located in a HUBZone by accessing the SBA HUBZone Map.
The annual salary range for this position is $210,000.000 to $310,000.00. Actual compensation will depend on a range of factors, including but not limited to the individual's skills, experience, qualifications, certifications, location, other business and organizational needs, and applicable employment laws. The estimate displayed represents the typical salary range for this position and is just one component of the total compensation package for employees. RELI Group provides a variety of additional benefits to its employees. For additional details on the benefits that RELI Group offers click here.