1

Associate Rmf Analyst Jobs (NOW HIRING)

Gray Analytics is seeking a Senior Cloud Information System Security Officer (ISSO) / Senior Cloud ... RMF) activities, cloud security engineering, continuous monitoring, and accreditation support ...

$13.50 - $18/hr

... IT/Cybersecurity, OR associate in IT/Cybersecurity with 5 years of experience. * Current ... RMF packages in eMASS; performing vulnerability scans with ACAS/Nessus and analyzing results ...

New

... RMF), and operational readiness standards. Responsibilities span the full SDLC, including ... Perform requirements analysis, translate stakeholder needs into technical solutions, and decompose ...

... RMF), and operational readiness standards. Responsibilities span the full SDLC, including ... Perform requirements analysis, translate stakeholder needs into technical solutions, and decompose ...

next page

Showing results 1-20

Associate Rmf Analyst information

See salary details

$33.5K

$73.6K

$139K

How much do associate rmf analyst jobs pay per year?

As of Jul 11, 2026, the average yearly pay for associate rmf analyst in the United States is $73,600.00, according to ZipRecruiter salary data. Most workers in this role earn between $61,000.00 and $83,000.00 per year, depending on experience, location, and employer.

What is the difference between Associate Rmf Analyst vs Risk Analyst?

AspectAssociate Rmf AnalystRisk Analyst
Required CredentialsBachelor's degree, relevant certifications (e.g., FRM, CFA)Bachelor's degree, certifications like FRM, CFA often preferred
Work EnvironmentFinancial institutions, risk management teamsFinancial firms, consulting, or corporate risk departments
Employer & Industry UsageCommon in banking, asset management, insuranceUsed across finance, insurance, consulting sectors

The Associate Rmf Analyst typically focuses on risk management frameworks within financial institutions, often working under senior analysts. Risk Analysts have a broader scope, analyzing various types of risks across industries. Both roles require similar credentials and work environments, but the Associate Rmf Analyst is more specialized in risk frameworks related to regulatory compliance and risk mitigation strategies.

What cities are hiring for Associate Rmf Analyst jobs? Cities with the most Associate Rmf Analyst job openings:
What are the most commonly searched types of Rmf Analyst jobs? The most popular types of Rmf Analyst jobs are:
What states have the most Associate Rmf Analyst jobs? States with the most job openings for Associate Rmf Analyst jobs include:
IT - SCDHHS - Security Analyst - Consultant

IT - SCDHHS - Security Analyst - Consultant

SUNSHINE ENTERPRISE USA LLC

Columbia, SC • On-site

$110K/yr

Contractor

Re-posted 23 days ago


Job description


Job Title: Security Analyst
Location: Columbia, SC Hybrid (4 days in office, 1 days remote).
Position Type: C2C/W2
Years of Experience:08+ years
Duration of the Contract: 12 months
Interview Process: 2 rounds, Virtual & In Person
Candidate Location: Candidate MUST be a SC resident or willing to relocate to SC prior to starting the role at their own expense.

Project Scope:
We are seeking an experienced Senior Information System Security Officer (ISSO) to support enterprise-level cybersecurity and compliance initiatives within a large, complex information systems environment. This role requires hands-on leadership in security governance, risk management, and regulatory compliance aligned with federal and state standards.
The Security Analyst (Senior ISSO) will actively participate in day-to-day security operations, oversee compliance activities, and serve as a trusted cybersecurity advisor to leadership, internal teams, vendors, and business partners.
Key Responsibilities:
Security Program & Compliance Leadership
• Lead and support FISMA Risk Management Framework (RMF) compliant security programs, including CMS MARS-E and similar frameworks.
• Develop, maintain, and validate security documentation such as:
oSystem Security Plans (SSPs)
oPrivacy Impact Assessments (PIAs)
oInterconnection Security Agreements (ISAs)
oComputer Matching Agreements (CMAs)
• Integrate RMF and Assessment & Authorization (A&A) activities into the System Development Life Cycle (SDLC).
• Serve as the primary point of contact for third-party audits and security assessments.
Risk Management & Architecture Reviews
• Perform detailed architectural and risk reviews, including:
oNetwork design and information flow
oSystem and data access models
oFirewall rule requests (ports, protocols, services)
oConfiguration baseline deviation requests
oVulnerability management findings
• Provide sound risk-based recommendations to stakeholders.
Audit, Assessment & Vendor Oversight
• Audit and assess internal systems and external business partner or vendor security controls.
• Conduct security and compliance reviews of:
oContracts
oBusiness Associate Agreements (BAAs)
oData Sharing and Usage Agreements
• Collaborate with vendors and multiple internal teams to ensure compliance with security initiatives.
Tools & Documentation
• Utilize tools such as:
oArcher (eGRC)
oService management/ticketing systems
oMicrosoft Office Suite (Word, Excel, PowerPoint, Visio)
oAtlassian, Bizagi, and other workflow/documentation platforms
• Produce clear, accurate audit and assessment reports aligned with organizational standards.
Required Skills & Experience:
Hands-on experience with the following technologies is highly desirable:
  • Archer orother eGRC platforms
  • IBM System390/zSeries
  • Linux andWindows Servers
  • Relationaland NoSQL databases
  • Networkfirewalls, IPS, routing, and switching infrastructure
  • SIEMsolutions
  • Identity andAccess Management (IAM) systems
  • Cloudsecurity and vendor management environments

Required Qualifications:
5+ years of experience in IT security, infrastructure, or system auditing
Prior experience working within a FISMA-compliant environment
Experience with eGRC tools
Strong working knowledge of:
  • FISMA
  • NIST
  • CMS MARS-E
  • HIPAASecurity & Privacy rules

Ability to work independently and collaboratively in a fast-paced environment
Strong communication skills with both technical and non-technical stakeholders
Intermediate to advanced proficiency in Microsoft Office tools
Certification:
ISC (2), ISACA, SANS GIAC and/or other Information Security Certification is required.