1

Poam Jobs (NOW HIRING)

The Technical Security Analyst will be responsible for maintenance of the commercial and corporate environment POAM and analysis of the corresponding vulnerability scans; development of the metrics ...

Senior Security Engineer

Dallas, TX · On-site

$113K - $155K/yr

Maintain accurate POAM records for all security-classified vulnerabilities ensuring * remediation dates, risk classifications, and fix approaches are documented to audit standards required in a ...

Project Manager--Michigan --PMP

Lansing, MI · On-site

$99K - $118K/yr

Required 5 years Scrum Master Certified Required 5 years System Security Plans (SSP) Required 5 years Plan of Action and Milestones (POAM) Required 5 years Possession of a Project Management ...

New

Senior Security Engineer

Dallas, TX · On-site

$113K - $155K/yr

Maintain accurate POAM records for all security-classified vulnerabilities ensuring * remediation dates, risk classifications, and fix approaches are documented to audit standards required in a ...

... POAM). Reviews, analyzes and identifies opportunities and leads to PSP to reduce policy burden on enterprise and increase the proper alignment across the agency. Properly manages potential policy ...

Senior Security Engineer

Dallas, TX · On-site

$113K - $155K/yr

Maintain accurate POAM records for all security-classified vulnerabilities ensuring * remediation dates, risk classifications, and fix approaches are documented to audit standards required in a ...

Senior Security Engineer

Dallas, TX · On-site

$113K - $155K/yr

Maintain accurate POAM records for all security-classified vulnerabilities ensuring * remediation dates, risk classifications, and fix approaches are documented to audit standards required in a ...

Senior Security Engineer

Dallas, TX · On-site

$113K - $155K/yr

Maintain accurate POAM records for all security-classified vulnerabilities ensuring * remediation dates, risk classifications, and fix approaches are documented to audit standards required in a ...

Senior Security Engineer

Dallas, TX · On-site

$113K - $155K/yr

Maintain accurate POAM records for all security-classified vulnerabilities ensuring * remediation dates, risk classifications, and fix approaches are documented to audit standards required in a ...

Maintain up to date POAM throughout projects. Research current Army and TRADOC publications to discover any publication needing updates due to changes in organizations for all publications to be ...

Job ID: MI-162088 Hybrid/Local (Dimondale ONLY) MI Govt PM (CSM/PMP/5 pages resume/15+) with SSP/POAM, Clarity/PPM/PMM/SUITE/SEM, MS Project, COTS, vendor/change management experience Location:

New

Senior Security Engineer

Farmers Branch, TX · On-site

$110K - $150K/yr

Maintain accurate POAM records for all security-classified vulnerabilities ensuring * remediation dates, risk classifications, and fix approaches are documented to audit standards required in a ...

next page

Showing results 1-20

Poam information

See salary details

$14

$24

$41

How much do poam jobs pay per hour?

As of Jul 15, 2026, the average hourly pay for poam in the United States is $24.25, according to ZipRecruiter salary data. Most workers in this role earn between $18.27 and $26.44 per hour, depending on experience, location, and employer.

What are some common challenges faced by POAMs (Program Objective Assessment Managers) when managing multiple projects simultaneously?

POAMs often juggle several projects with competing deadlines and priorities, which can make it challenging to allocate resources and maintain clear communication across teams. Balancing the need for thorough documentation with timely progress reporting—especially in highly regulated environments—requires strong organizational skills and attention to detail. Collaborating with diverse stakeholders, such as technical leads, compliance officers, and executive sponsors, is essential to ensure all program objectives are met and risks are effectively managed. Successful POAMs develop efficient tracking systems and proactive communication strategies to stay ahead of potential issues.

What are POAMs (Plans of Action and Milestones)?

POAMs, or Plans of Action and Milestones, are management tools used in cybersecurity and compliance to identify, track, and remediate security weaknesses within an organization’s information systems. They document specific steps needed to address vulnerabilities, assign responsibilities, and set deadlines for completion. POAMs are essential for maintaining compliance with standards such as NIST and FedRAMP, ensuring that organizations have a clear plan to achieve and maintain security requirements.

What are the key skills and qualifications needed to thrive as a POAM (Plan of Action and Milestones) Manager, and why are they important?

To thrive as a POAM Manager, you need a solid understanding of cybersecurity compliance frameworks, risk assessment, and project management, typically supported by experience in IT security or compliance roles. Familiarity with tools such as GRC (Governance, Risk, and Compliance) platforms, NIST SP 800-53, and related certification like CISSP or CISA is highly valuable. Strong organizational skills, attention to detail, and effective communication are crucial soft skills for coordinating remediation efforts and reporting to stakeholders. These competencies ensure that security gaps are properly tracked, managed, and remediated to maintain organizational compliance and reduce risk.

What is the difference between Poam vs Network Security Analyst?

AspectPoamNetwork Security Analyst
Required CredentialsTypically security certifications like CISSP, CEH, or CompTIA Security+Same certifications, often with additional network-specific credentials
Work EnvironmentSecurity teams, government agencies, or private firms focusing on security plansIT departments, cybersecurity firms, or corporate security teams
Employer & Industry UsageUsed in security planning and compliance documentationUsed in monitoring, analyzing, and responding to security threats

Poam (Plan of Action and Milestones) and Network Security Analyst roles both require security certifications and work within cybersecurity environments. Poam focuses on security planning and compliance, while Network Security Analysts actively monitor and respond to security threats. Both roles are essential in maintaining organizational security but serve different functions within the cybersecurity landscape.

More about Poam jobs
What states have the most Poam jobs? States with the most job openings for Poam jobs include:
Infographic showing various Poam job openings in the United States as of July 2026, with employment types broken down into 86% Full Time, 9% Part Time, and 5% Contract. Highlights an 86% Physical, 1% Hybrid, and 13% Remote job distribution, with an average salary of $50,446 per year, or $24.3 per hour.
System Technical Security Analyst

System Technical Security Analyst

FSR, LLC.

Herndon, VA • On-site, Remote

Full-time

Re-posted 27 days ago


Job description

Company Description
Entrusted by companies with challenging Cyber Security and IT data management recruiting needs, Flex Staffing Resources identifies exceptional talent and cutting edge companies and brings them together.
Job Description
System Technical Security Analyst
Location of Services: Herndon, VA 20171 (Remote)
Employment Type: FTE + Benefits
Client is supporting the FedRAMP and FISMA authorization(s) of new Cloud Products and 3rd Party Applications into our various cloud environments. This effort requires security testing/assessment support, the knowledge/development of the appropriate security documentation (i.e., System Security Plan (SSP), plans and procedures), and ongoing continuous monitoring activities. This position is majority remote (post-pandemic).
This role serves as a "hands-on" senior-level technical security analyst responsible for interfacing with the build, operations and security engineering teams on security issues and information gathering; creating and managing the Plan of Action and Milestones (POAM) for multiple environments, configuration/execution/analysis of vulnerability scans, gathering the security control implementations information for the technical controls and documenting their implementation in the SSP.
Additionally, this role will assist with the security assessments, and continuous monitoring evidence for any of the CLIENT environments (corporate, commercial regulated, FedRAMP, DOD and International).
The Technical Security Analyst will be responsible for maintenance of the commercial and corporate environment POAM and analysis of the corresponding vulnerability scans; development of the metrics / trends of vulnerabilities, assisting with the FedRAMP or FISMA authorization processes to include prep of the operations and build teams, and technical documentation summary and update as required. This role serves as a senior level technical security analyst who has the knowledge to create policies and execute vulnerability scans as needed, evaluates the vulnerability scan data and control implementation and who can provide thoughtful recommendations, as well as conduct security impact analysis of changes to the environments. This role must communicate between security, engineering, build/development and operations teams daily, and be able to interpret and document the results of data gathering.
GENERAL RESPONSIBILITES:
  • Configuration, Execution and Analysis of vulnerability scans
  • Ability to interpret and assess network diagrams and drawings using Visio.
  • Identify and assess Cloud System state, including vulnerabilities, RMF package status/accreditation model, PPS compliance, and patching, Cyber Security Vulnerability Assessments (CSVA) mechanisms.
  • Demonstrate familiarity with current FedRAMP, DOD and NIST Security controls and technologies, including vulnerability management capabilities.
  • Understand enterprise operating environments, including security posture, application environment, and associated security controls
  • Understand/document information system specifications and security controls, including logical and physical diagrams, connectivity, communication, and data flow diagrams, both internal and external to the system.
  • Gather information, architecture diagrams and implementation of the security controls through interfacing with the security engineering, operations and build teams
  • Develop security documentation input of technical control implementation
  • Understand the intent of the FedRAMP moderate security controls, FISMA security controls and communicate as needed
  • Assist with the FedRAMP or FISMA authorization to include, but not limited to, prep of security engineering, build and operations teams through training and mock interviews, update implementation language in the security documentation and develop processes as required, and support FedRAMP PMO/ Agency / CISO requests
  • Maintain and update a monthly Plan of Actions and Milestones (POAM), inventory and other continuous monitoring deliverables as appropriate
  • Ability to respond effectively to customer's concerns regarding ConMon activities

Qualifications
  • Bachelor's Degree in Computer Science / MIS / Information Technology, or equivalent experience in Information Security, Information Technology, or related technical discipline
  • Minimum 5 years Information Technology experience
  • Experience with Cloud technologies, especially AWS and Azure, desirable
  • Experience with FedRAMP and/or other authorization processes and NIST risk management framework
  • Execution and Analysis of vulnerability scans; such as but not limited to: Nessus/Security Center, WebInspect, etc.
  • Familiarity with Splunk to execute queries, search/review data for impact.
  • Experience in developing, evaluating, and implementing information security architectures, technologies, standards, and practices to secure applications and IT systems, desirable
  • Flexible, self-motivated, and able to work independently in a fast paced environment
  • Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.
  • Skill in preparing and making written and oral presentations of complex technical nature.
  • Demonstrated ability to coordinate multiple tasks
  • U.S. Citizenship

SPECIFIC TECHNICAL SKILLS DESIRED:
  • Professional industry certifications in area of expertise.
  • Knowledge of Best Practice and security guides (ex. NIST 800-53 rev 4, NIST 800-53, FedRAMP)
  • ISC CISSP or ISACA CISM or equivalent certification

Additional Information
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.