
Analyst Poam Jobs (NOW HIRING)

Compliance Analyst - (Hybrid)

Herndon, VA · On-site

$115K - $140K/yr

Lead and manage a team of analysts through NIST 800-171a gap assessment and remediation projects ... Generate POAM (Plan of Action and Milestones) documents for the remediation of found gaps

Maintain up to date POAM throughout projects. Research current Army and TRADOC publications to ... Experience in eliciting, analyzing, validating and documenting business, organizational and/or ...

... Analysis and Evaluation Directorate or equivalent. The position will perform the following: • ... Maintain up to date POAM throughout projects. • Research current Army and TRADOC publications to ...

Analyst Poam information

How much do analyst poam jobs pay per hour?

As of Jul 3, 2026, the average hourly pay for analyst poam in the United States is $31.53, according to ZipRecruiter salary data. Most workers in this role earn between $25.24 and $35.82 per hour, depending on experience, location, and employer.

What are some common challenges faced by an Analyst POAM and how can they be addressed?

Analyst POAMs (Plan of Action and Milestones Analysts) often encounter challenges such as managing multiple compliance tasks simultaneously and ensuring all corrective actions are tracked and completed on time. They may also need to coordinate with various departments to gather necessary documentation and updates, which can be time-consuming. Effective communication, strong organizational skills, and familiarity with compliance frameworks like NIST or FISMA are key to overcoming these challenges. Leveraging project management tools and maintaining clear documentation can also help streamline the process and ensure timely progress.

What is the difference between Analyst Poam vs Analyst Risk?

| Aspect | Analyst Poam | Analyst Risk |
| --- | --- | --- |
| Required Credentials | Bachelor's degree, certifications like CISA or CISSP often preferred | Bachelor's degree, certifications like FRM or CRM often preferred |
| Work Environment | Financial institutions, consulting firms, or regulatory agencies | Financial services, banking, or insurance companies |
| Employer & Industry Usage | Used in compliance, audit, and control functions | Used in risk management, credit, and operational risk departments |

Both Analyst Poam and Analyst Risk roles require similar credentials and often work within financial or consulting environments. While Analyst Poam focuses on assessing and testing controls to meet compliance standards, Analyst Risk concentrates on identifying and managing various types of risks within organizations. Understanding these distinctions helps candidates target the right roles based on their skills and career goals.

What is an Analyst POAM?

An Analyst POAM (Plan of Actions and Milestones Analyst) is a professional responsible for managing and tracking security compliance issues within an organization. They focus on identifying, documenting, and monitoring the progress of remediation efforts for vulnerabilities or security gaps, typically as part of a cybersecurity or risk management team. Their work ensures that the organization addresses and resolves security findings in a timely manner to meet regulatory or internal compliance requirements.

What are the key skills and qualifications needed to thrive as an Analyst POA&M (Plan of Action and Milestones), and why are they important?

To thrive as an Analyst POA&M, you need a strong understanding of cybersecurity frameworks, risk management practices, and compliance requirements, typically supported by a degree in information security or a related field. Familiarity with tools like eMASS, RMF, and vulnerability assessment systems, as well as certifications such as Security+ or CISSP, is highly valued. Attention to detail, analytical thinking, and effective communication are crucial soft skills for accurately tracking issues and collaborating with stakeholders. These competencies ensure timely remediation of security gaps and ongoing compliance with regulatory standards, which are vital for organizational security and risk mitigation.

More about Analyst Poam jobs

What states have the most Analyst Poam jobs? States with the most job openings for Analyst Poam jobs include:

Infographic showing various Analyst Poam job openings in the United States as of June 2026, with employment types broken down into 93% Full Time and 7% Part Time. Highlights a 2% Physical and 98% Hybrid job distribution, with an average salary of $65,589 per year, or $31.5 per hour.

Compliance Analyst - (Hybrid)

IsI Enterprises LLC

Herndon, VA • On-site

$115K - $140K/yr

Full-time

Posted 5 days ago


Job description

ISI Enterprises is searching for individuals with a strong technical background to join our team as CMMC/NIST 800-171a Compliance Analysts. ISI Enterprises is a Managed Network Services provider focusing on US Government contractors who have a need to achieve CMMC compliance.
Duties/Responsibilities:
  • Work directly with IsI Enterprises client stakeholders throughout their onboarding and compliance gap assessment.
  • Lead and manage a team of analysts through NIST 800-171a gap assessment and remediation projects.
  • Review client environments and collect evidence to determine the satisfaction of CMMC/NIST controls.
  • Assist clients in the formulation of a compliant set of policies and procedures.
  • Complete documentation required for a compliance assessment (Network Design Documents, Software Whitelist, etc.).
  • Recommend solutions to remediate identified gaps in compliance.
  • Work directly with our Cybersecurity, Engineering, and Support departments to ensure all configurations are completed and tested in a compliant manner.
  • Generate POAM (Plan of Action and Milestones) documents for the remediation of found gaps.
  • Generate SSP (System Security Plan) documents to reflect deployed tools and assessment results.
  • Interface directly with C3PAO auditors during CMMC Level 2 Audits.
Qualifications:
  • As part of your work at ISI, you will potentially have access to sensitive information from the federal government. Pursuant to applicable regulations, ISI requires that all candidates for this role present proof of U.S. citizenship before hire.
  • Have at least 3 years of experience in the Defense Industrial Base as a compliance analyst or related position.
  • Possess a strong technical background and understanding of the "How" for NIST controls and not just the "What"
  • Hold a CMMC RP, CCP or CCA certification
  • Be detail oriented, process driven, and well organized
  • Have worked for or with an MSP (Managed Service Provider)
  • Work well as a team, but also be able to maintain motivation when working individually.
  • Be comfortable speaking and/or presenting to clients and team members
  • Have professional level verbal and written communications skills
  • Possess a familiarity with NIST Risk Management Framework and CMMC compliance
  • Be a self-starter, someone who is always looking to see where they can help.
What we offer:
  • The salary range for this role is $115,000 - $140,000 commensurate with experience
  • Hybrid work
  • A competitive salary and benefits package
  • A casual, friendly, and relaxed work environment
  • Professional growth encouragement and support
Industrial Security Integrators, LLC ("IsI") is an equal opportunity employer committed to affirmative action and diversity in the workplace. It is the policy of IsI to provide Equal Employment Opportunities (EEO) to Employees and Applicants, without regard to race, color, religion, sex, age, marital status, citizenship status, national origin, sexual orientation, gender identity, veteran status or disability or any other factor protected by law and to provide advancement opportunities for minorities, women, disabled individuals, and veterans. IsI is stronger and more effective when our workforce includes highly qualified individuals with diverse backgrounds, cultures, and traditions.
IsI Enterprises does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job postings or otherwise. Placement fees will not be paid to any recruiter unless IsI has an active agreement in place with the recruiter and such a request has been made by the IsI hiring team and such candidate was submitted to the IsI hiring team via our Applicant Tracking System. Any unsolicited resumes or other data submitted to IsI in violation of this policy may be used by IsI without obligation to pay any fees of any kind to the recruiter.