Harmonia Holdings Group LLC
FISMA Program Analyst
Harmonia Holdings Group LLC, Washington, District of Columbia, us, 20022
Harmonia Holdings Group, LLC is an award-winning, rapidly growing federal government contractor committed to providing innovative, high-performing solutions to our government clients and focused on fostering a workplace that encourages growth, initiative, creativity, and employee satisfaction.
We are seeking a highly organized and proactive
FISMA Program Analyst
to lead the execution and ongoing compliance of the Federal Information Security Modernization Act (FISMA) program for a federal client. This role ensures that the organization's information security and risk management practices meet all applicable federal requirements, including OMB memoranda, DHS directives, and NIST guidance.
A variety of soft skills and experience may be required for the following role Please ensure you check the overview below carefully. The ideal candidate will have strong experience in federal cybersecurity frameworks, compliance programs, and risk management, along with excellent communication and stakeholder engagement skills.
Key Responsibilities:
FISMA Compliance & Program Management
Oversee and support the development, implementation, and ongoing management of a FISMA compliance program.
Ensure alignment with federal cybersecurity regulations, including NIST SP 800-53, SP 800-37, FIPS 199, and others.
Coordinate with internal and external auditors to evaluate system security postures and support audit engagements.
Prepare and maintain FISMA-required documentation, including System Security Plans (SSPs), Security Authorization Packages (SAPs), and Continuous Monitoring (ConMon) reports.
Security Risk Management
Maintain visibility into organizational risk assessments for High Value Assets (HVAs) and other critical systems.
Review, document, and track selected security controls for effectiveness and completeness.
Monitor and report on remediation efforts tied to identified system vulnerabilities and risks.
Incident Response & Continuous Monitoring
Manage the organization's continuous monitoring activities to ensure FISMA compliance across systems.
Support and oversee incident response planning, coordination, and reporting in accordance with federal guidelines.
Validate execution of incident response plans and related documentation updates.
Policy Development & Stakeholder Collaboration
Develop, update, and maintain FISMA-related policies, procedures, and internal guidance documentation.
Serve as a liaison between the organization and federal oversight entities on all FISMA-related matters.
Collaborate across departments (IT, compliance, risk, and policy) to align security operations with compliance goals.
Provide subject matter expertise in meetings, reviews, and compliance briefings.
Audit & Reporting
Ensure timely execution of annual FISMA assessments and deliverables as mandated by OMB and DHS.
Compile and deliver reports to senior leadership summarizing compliance status, risks, and program performance metrics.
Required Qualifications:
Education:
Bachelor's degree in Computer Science, Cybersecurity, Information Assurance, or a related field.
Experience:
Minimum of
6 years
of experience in cybersecurity, IT governance, or risk management.
At least 2 years of direct experience managing or supporting FISMA or federal compliance programs.
Hands-on experience with NIST frameworks (e.g., 800-53, 800-37, 800-171) and FISMA audits.
Skills:
In-depth knowledge of FISMA, NIST SP 800-series, OMB A-130, and related federal cybersecurity regulations.
Experience with risk and compliance management tools, continuous monitoring, and vulnerability management systems.
Strong analytical, project management, and technical writing skills.
Effective communication skills for interfacing with leadership, stakeholders, and government clients.
Preferred Qualifications:
Experience working directly with or for federal agencies or government contractors.
Familiarity with challenges in federal information system security operations and compliance.
Professional certifications such as:
CISSP
- Certified Information Systems Security Professional
CISM
- Certified Information Security Manager
CAP
- Certified Authorization Professional
Security+ ,
CySA+ , or equivalent
Experience leading or mentoring small teams or cross-functional working groups.
#LI #CJ #DICE ___________________________________________________________________________________________________________
Here at Harmonia we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day. Some of these recognitions include:
Recognized as a Top 20 "Best Place to Work in Virginia"
Recipient of Department of Labor's HireVets Gold Medallion
Great Place to Work Certification for five years running
A Virginia Chamber of Commerce Fantastic 50 company
A Northern Virginia Technology Council Tech 100 company
Inc. 5000 list of fastest growing companies for eleven years
Two-time SBA SBIR Tibbett's Award winner
Virginia Values Veterans (V3) Certification
We recognize that every bit of our success is the result of our teams of hard-working, motivated, and innovative professionals who are proud to call themselves part of the Harmonia family! In addition to competitive compensation, a family-focused culture, and a dynamic, productive work environment, we offer all full-time employees a variety of benefits including, but not limited to
Traditional and HSA- eligible medical insurance plans w/ Wellness Incentives for employees and family
100% employer-paid dental and vision insurance options
100% employer-sponsored STD, LTD, and life insurance
Veterans Cohort
Gym membership reimbursement
401(k) matching
Dollar-for-dollar 501(c)(3) donation matching
Flexible-schedules and teleworking options
Paid holidays and Flexible Paid Time Off
Adoption Expense Reimbursement
Paid Parental Leave
Professional development and career growth opportunities and paid training days
Employer-sponsored Employee Assistance Program for employee and family
Team and company-wide events, recognition, and appreciation-- and so much more!
Check out ourLinkedIn,Facebook, andInstagramto find out a little more about who we are and if we are the right next step for your career!
Harmonia is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics.Harmonia does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans.To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs. Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation, please contactHR@harmonia.com.
#J-18808-Ljbffr
FISMA Program Analyst
to lead the execution and ongoing compliance of the Federal Information Security Modernization Act (FISMA) program for a federal client. This role ensures that the organization's information security and risk management practices meet all applicable federal requirements, including OMB memoranda, DHS directives, and NIST guidance.
A variety of soft skills and experience may be required for the following role Please ensure you check the overview below carefully. The ideal candidate will have strong experience in federal cybersecurity frameworks, compliance programs, and risk management, along with excellent communication and stakeholder engagement skills.
Key Responsibilities:
FISMA Compliance & Program Management
Oversee and support the development, implementation, and ongoing management of a FISMA compliance program.
Ensure alignment with federal cybersecurity regulations, including NIST SP 800-53, SP 800-37, FIPS 199, and others.
Coordinate with internal and external auditors to evaluate system security postures and support audit engagements.
Prepare and maintain FISMA-required documentation, including System Security Plans (SSPs), Security Authorization Packages (SAPs), and Continuous Monitoring (ConMon) reports.
Security Risk Management
Maintain visibility into organizational risk assessments for High Value Assets (HVAs) and other critical systems.
Review, document, and track selected security controls for effectiveness and completeness.
Monitor and report on remediation efforts tied to identified system vulnerabilities and risks.
Incident Response & Continuous Monitoring
Manage the organization's continuous monitoring activities to ensure FISMA compliance across systems.
Support and oversee incident response planning, coordination, and reporting in accordance with federal guidelines.
Validate execution of incident response plans and related documentation updates.
Policy Development & Stakeholder Collaboration
Develop, update, and maintain FISMA-related policies, procedures, and internal guidance documentation.
Serve as a liaison between the organization and federal oversight entities on all FISMA-related matters.
Collaborate across departments (IT, compliance, risk, and policy) to align security operations with compliance goals.
Provide subject matter expertise in meetings, reviews, and compliance briefings.
Audit & Reporting
Ensure timely execution of annual FISMA assessments and deliverables as mandated by OMB and DHS.
Compile and deliver reports to senior leadership summarizing compliance status, risks, and program performance metrics.
Required Qualifications:
Education:
Bachelor's degree in Computer Science, Cybersecurity, Information Assurance, or a related field.
Experience:
Minimum of
6 years
of experience in cybersecurity, IT governance, or risk management.
At least 2 years of direct experience managing or supporting FISMA or federal compliance programs.
Hands-on experience with NIST frameworks (e.g., 800-53, 800-37, 800-171) and FISMA audits.
Skills:
In-depth knowledge of FISMA, NIST SP 800-series, OMB A-130, and related federal cybersecurity regulations.
Experience with risk and compliance management tools, continuous monitoring, and vulnerability management systems.
Strong analytical, project management, and technical writing skills.
Effective communication skills for interfacing with leadership, stakeholders, and government clients.
Preferred Qualifications:
Experience working directly with or for federal agencies or government contractors.
Familiarity with challenges in federal information system security operations and compliance.
Professional certifications such as:
CISSP
- Certified Information Systems Security Professional
CISM
- Certified Information Security Manager
CAP
- Certified Authorization Professional
Security+ ,
CySA+ , or equivalent
Experience leading or mentoring small teams or cross-functional working groups.
#LI #CJ #DICE ___________________________________________________________________________________________________________
Here at Harmonia we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day. Some of these recognitions include:
Recognized as a Top 20 "Best Place to Work in Virginia"
Recipient of Department of Labor's HireVets Gold Medallion
Great Place to Work Certification for five years running
A Virginia Chamber of Commerce Fantastic 50 company
A Northern Virginia Technology Council Tech 100 company
Inc. 5000 list of fastest growing companies for eleven years
Two-time SBA SBIR Tibbett's Award winner
Virginia Values Veterans (V3) Certification
We recognize that every bit of our success is the result of our teams of hard-working, motivated, and innovative professionals who are proud to call themselves part of the Harmonia family! In addition to competitive compensation, a family-focused culture, and a dynamic, productive work environment, we offer all full-time employees a variety of benefits including, but not limited to
Traditional and HSA- eligible medical insurance plans w/ Wellness Incentives for employees and family
100% employer-paid dental and vision insurance options
100% employer-sponsored STD, LTD, and life insurance
Veterans Cohort
Gym membership reimbursement
401(k) matching
Dollar-for-dollar 501(c)(3) donation matching
Flexible-schedules and teleworking options
Paid holidays and Flexible Paid Time Off
Adoption Expense Reimbursement
Paid Parental Leave
Professional development and career growth opportunities and paid training days
Employer-sponsored Employee Assistance Program for employee and family
Team and company-wide events, recognition, and appreciation-- and so much more!
Check out ourLinkedIn,Facebook, andInstagramto find out a little more about who we are and if we are the right next step for your career!
Harmonia is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics.Harmonia does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans.To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs. Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation, please contactHR@harmonia.com.
#J-18808-Ljbffr