FISMA Program Analyst (McLean)

Harmonia Holdings Group, LLC is an award-winning, rapidly growing federal government contractor committed to providing innovative, high-performing solutions to our government clients and focused on fostering a workplace that encourages growth, initiative, creativity, and employee satisfaction.

We are seeking a highly organized and proactive FISMA Program Analyst to lead the execution and ongoing compliance of the Federal Information Security Modernization Act (FISMA) program for a federal client. This role ensures that the organization's information security and risk management practices meet all applicable federal requirements, including OMB memoranda, DHS directives, and NIST guidance.

The ideal candidate will have strong experience in federal cybersecurity frameworks, compliance programs, and risk management, along with excellent communication and stakeholder engagement skills.

Key Responsibilities:

FISMA Compliance & Program Management

• Oversee and support the development, implementation, and ongoing management of a FISMA compliance program.


• Ensure alignment with federal cybersecurity regulations, including NIST SP 800-53, SP 800-37, FIPS 199, and others.


• Coordinate with internal and external auditors to evaluate system security postures and support audit engagements.


• Prepare and maintain FISMA-required documentation, including System Security Plans (SSPs), Security Authorization Packages (SAPs), and Continuous Monitoring (ConMon) reports.

Security Risk Management

• Maintain visibility into organizational risk assessments for High Value Assets (HVAs) and other critical systems.


• Review, document, and track selected security controls for effectiveness and completeness.


• Monitor and report on remediation efforts tied to identified system vulnerabilities and risks.

Incident Response & Continuous Monitoring

• Manage the organization's continuous monitoring activities to ensure FISMA compliance across systems.


• Support and oversee incident response planning, coordination, and reporting in accordance with federal guidelines.


• Validate execution of incident response plans and related documentation updates.

Policy Development & Stakeholder Collaboration

• Develop, update, and maintain FISMA-related policies, procedures, and internal guidance documentation.


• Serve as a liaison between the organization and federal oversight entities on all FISMA-related matters.


• Collaborate across departments (IT, compliance, risk, and policy) to align security operations with compliance goals.


• Provide subject matter expertise in meetings, reviews, and compliance briefings.

Audit & Reporting

• Ensure timely execution of annual FISMA assessments and deliverables as mandated by OMB and DHS.


• Compile and deliver reports to senior leadership summarizing compliance status, risks, and program performance metrics.

Required Qualifications:

Education:

• Bachelor's degree in Computer Science, Cybersecurity, Information Assurance, or a related field.

Experience:

• Minimum of 6 years of experience in cybersecurity, IT governance, or risk management.


• At least 2 years of direct experience managing or supporting FISMA or federal compliance programs.


• Hands-on experience with NIST frameworks (e.g., 800-53, 800-37, 800-171) and FISMA audits.

Skills:

• In-depth knowledge of FISMA, NIST SP 800-series, OMB A-130, and related federal cybersecurity regulations.


• Experience with risk and compliance management tools, continuous monitoring, and vulnerability management systems.


• Strong analytical, project management, and technical writing skills.


• Effective communication skills for interfacing with leadership, stakeholders, and government clients.

Preferred Qualifications:

• Experience working directly with or for federal agencies or government contractors.


• Familiarity with challenges in federal information system security operations and compliance.


• Professional certifications such as:




• CISSP - Certified Information Systems Security Professional


• CISM - Certified Information Security Manager


• CAP - Certified Authorization Professional


• Security+ , CySA+ , or equivalent


• Experience leading or mentoring small teams or cross-functional working groups.

#LI #CJ #DICE

___________________________________________________________________________________________________________

Here at Harmonia we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day. Some of these recognitions include:

• Recognized as a Top 20 Best Place to Work in Virginia


• Recipient of Department of Labor's HireVets Gold Medallion


• Great Place to Work Certification for five years running


• A Virginia Chamber of Commerce Fantastic 50 company


• A Northern Virginia Technology Council Tech 100 company


• Inc. 5000 list of fastest growing companies for eleven years


• Two-time SBA SBIR Tibbett's Award winner


• Virginia Values Veterans (V3) Certification

We recognize that every bit of our success is the result of our teams of hard-working, motivated, and innovative professionals who are proud to call themselves part of the Harmonia family! In addition to competitive compensation, a family-focused culture, and a dynamic, productive work environment, we offer all full-time employees a variety of benefits including, but not limited to

• Traditional and HSA- eligible medical insurance plans w/ Wellness Incentives for employees and family


• 100% employer-paid dental and vision insurance options


• 100% employer-sponsored STD, LTD, and life insurance


• Veterans Cohort


• Gym membership reimbursement


• 401(k) matching


• Dollar-for-dollar 501(c)(3) donation matching


• Flexible-schedules and teleworking options


• Paid holidays and Flexible Paid Time Off


• Adoption Expense Reimbursement


• Paid Parental Leave


• Professional development and career growth opportunities and paid training days


• Employer-sponsored Employee Assistance Program for employee and family


• Team and company-wide events, recognition, and appreciation-- and so much more!

Check out ourLinkedIn,Facebook, andInstagramto find out a little more about who we are and if we are the right next step for your career!

Harmonia is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics. Harmonia does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans.To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs. Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation, please [email protected].