Information Systems Security Analyst

Job Description

CTAC is seeking an experienced Information Systems Security Analyst to support a federal program focused on achieving and sustaining an Authority to Operate (ATO) for a complex, multi-tenant AWS cloud environment. This role is a key member of CTAC’s federal delivery team and is responsible for executing Risk Management Framework (RMF) activities across the full NIST lifecycle, with a strong emphasis on control validation, documentation, evidence development, and assessor engagement.

The ideal candidate will bring deep hands-on experience supporting federal ATOs, implementing NIST SP 800-53 controls, managing POA&Ms, and working directly with cloud engineers, architects, and Authorizing Officials to remediate security gaps and maintain continuous authorization readiness. This position requires a balance of technical security expertise, disciplined documentation, and the ability to operate effectively in a fast-paced, sprint-based delivery m...