ZipRecruiter

Log In

1

Analyst Poam Jobs (NOW HIRING)

USAJOBS - Search

$89K/yr

... POAM) development and reporting for NIPRNet and SIPRNet environments. * Serves as liaison in working with Cyber Security staff and performs risk analysis of IT security posture, to include ...

U.S. Department of Defense (DOD)

$89K/yr

... POAM) development and reporting for NIPRNet and SIPRNet environments. * Serves as liaison in working with Cyber Security staff and performs risk analysis of IT security posture, to include ...

VTG

Systems Engineer

Chantilly, VA · On-site

... analysis, timeline analysis, cost estimation, requirements allocation, and interfaced definition ... Plan of Action & Milestone (POAM) tracking • Excellent customer support and attention to detail ...

FastTek

Business Analyst

Lansing, MI · On-site

Business Analyst # 1052121 * Develops and implements risk policies, standards, and procedures (PSP ... Milestones (POAM). * Reviews, analyzes and identifies opportunities and leads to PSP to reduce ...

next page

Showing results 1-20

All JobsAnalyst Poam Jobs

Analyst Poam information

See salary details

$16

$31

$48

How much do analyst poam jobs pay per hour?

As of Jun 11, 2026, the average hourly pay for analyst poam in the United States is $31.53, according to ZipRecruiter salary data. Most workers in this role earn between $25.24 and $35.82 per hour, depending on experience, location, and employer.

What are some common challenges faced by an Analyst POAM and how can they be addressed?

Analyst POAMs (Plan of Action and Milestones Analysts) often encounter challenges such as managing multiple compliance tasks simultaneously and ensuring all corrective actions are tracked and completed on time. They may also need to coordinate with various departments to gather necessary documentation and updates, which can be time-consuming. Effective communication, strong organizational skills, and familiarity with compliance frameworks like NIST or FISMA are key to overcoming these challenges. Leveraging project management tools and maintaining clear documentation can also help streamline the process and ensure timely progress.

What is the difference between Analyst Poam vs Analyst Risk?

AspectAnalyst PoamAnalyst Risk
Required CredentialsBachelor's degree, certifications like CISA or CISSP often preferredBachelor's degree, certifications like FRM or CRM often preferred
Work EnvironmentFinancial institutions, consulting firms, or regulatory agenciesFinancial services, banking, or insurance companies
Employer & Industry UsageUsed in compliance, audit, and control functionsUsed in risk management, credit, and operational risk departments

Both Analyst Poam and Analyst Risk roles require similar credentials and often work within financial or consulting environments. While Analyst Poam focuses on assessing and testing controls to meet compliance standards, Analyst Risk concentrates on identifying and managing various types of risks within organizations. Understanding these distinctions helps candidates target the right roles based on their skills and career goals.

What is an Analyst POAM?

An Analyst POAM (Plan of Actions and Milestones Analyst) is a professional responsible for managing and tracking security compliance issues within an organization. They focus on identifying, documenting, and monitoring the progress of remediation efforts for vulnerabilities or security gaps, typically as part of a cybersecurity or risk management team. Their work ensures that the organization addresses and resolves security findings in a timely manner to meet regulatory or internal compliance requirements.

What are the key skills and qualifications needed to thrive as an Analyst POA&M (Plan of Action and Milestones), and why are they important?

To thrive as an Analyst POA&M, you need a strong understanding of cybersecurity frameworks, risk management practices, and compliance requirements, typically supported by a degree in information security or a related field. Familiarity with tools like eMASS, RMF, and vulnerability assessment systems, as well as certifications such as Security+ or CISSP, is highly valued. Attention to detail, analytical thinking, and effective communication are crucial soft skills for accurately tracking issues and collaborating with stakeholders. These competencies ensure timely remediation of security gaps and ongoing compliance with regulatory standards, which are vital for organizational security and risk mitigation.
More about Analyst Poam jobs
What states have the most Analyst Poam jobs? States with the most job openings for Analyst Poam jobs include:
What job categories do people searching Analyst Poam jobs look for? The top searched job categories for Analyst Poam jobs are:
Analyst Poam jobs near you

Information Systems Security Analyst/Specialist

USAJOBS - Search

Battle Creek, MI • On-site

$89K/yr

Other

Posted 16 days ago

Job description

See below for important information regarding this job.
Position will be filled at any of the locations listed below. Site specific salary information as follows:
  • Battle Creek, MI: $89,508 - $ 116,362
  • Columbus, OH: $93,400 - $121,422
  • Dayton, OH: $92,841- $120,696
  • Fort Belvoir, VA: $102,415- $133,142
  • New Cumberland, PA: $102,415- $133,142
  • Ogden, UT: $89,508 - $ 116,362
  • Philadelphia, PA: $98,630- $128,221
  • Richmond, VA: $93,499- $121,551
Qualifications:To qualify for an IT Specialist (INFOSEC), your resume and supporting documentation must include:
A. Specialized Experience: One year of specialized experience that equipped you with the particular competencies
to successfully perform the duties of the position, and is directly in or related to this position. To qualify at the
GS-12 level, applicants must possess one year of specialized experience equivalent to the GS-11 level or
equivalent under other pay systems in the Federal service, military or private sector. Applicants must meet
eligibility requirements including time-in-grade (General Schedule (GS) positions only), time-after-competitive
appointment, minimum qualifications, and any other regulatory requirements by the cut-off/closing date of the
announcement. Creditable specialized experience includes:
  • Serves as a Subject Matter Expert (SME) in developing and maintaining critical Cyber Security documentation artifacts in support of Audit Compliance, Cyber Inspection, RMF, eMASS, and A&A compliance requirements.
  • Identifies and develops specifications, recommendations, checklists and reporting procedures to assist technical staff in meeting IT security requirements at the application and server level and assists with Plan of Action and Milestones (POAM) development and reporting for NIPRNet and SIPRNet environments.
  • Serves as liaison in working with Cyber Security staff and performs risk analysis of IT security posture, to include vulnerability assessments, reporting of security patches/updates and recommended implementation of corrective or preventive actions, mitigations and remediation.
  • Performs risk analysis of IT security posture, to include vulnerability assessments, reporting of security remediation.
B. Education Substitution: Applicants may not qualify for this position based on education in lieu
of specialized experience
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
Education:


Substitution of education may not be used in lieu of specialized experience for this grade level.

Employment Type: OTHER

Apply