Remote FISMA Compliance Jobs (NOW HIRING)

... FISMA Compliance, RMF, Incident Analysis, and General Security Best Practices. * Possess strong ... Remote Work Policy Remote work necessitates a high level of trust in our employees. To ensure that ...

Remote Role Duration: Long Term Contract Role Overview, * The Program Manager - CBO vSOC will lead ... Ensure all operations are audit-ready and compliant with NIST SP 800-53, NIST 800-61, FISMA, and ...

... to NASA IT security standards and FISMA compliance. * Documentation: Write comprehensive ... Remote Sensing or a related technical field from an ABET-accredited university. * Bachelor's degree ...

Everforth ECS is seeking a Cybersecurity Architect to work in our Portland, OR/Remote office ... Align security solutions with federal compliance frameworks (FISMA, NIST SP 800-53, NIST SP 800-137 ...

This position is fully remote. This position requires a Public Trust or the ability to obtain a ... Ensure compliance with FISMA, OMB guidance, HHS cybersecurity policy, NIH security requirements ...

This position is fully remote. This position requires a Public Trust or the ability to obtain a ... Ensure compliance with FISMA, HHS, NIH, NIST, OMB, and Federal cybersecurity requirements. * Review ...

Support PQC compliance with FISMA, NIST, and federal cybersecurity mandates. * Drive Risk ... Remote Work Policy Remote work necessitates a high level of trust in our employees. To ensure that ...

The SOC Lead will serve as the escalation authority, ensuring operational excellence, audit readiness, and compliance with federal frameworks such as NIST SP 800-53 and FISMA. Key Responsibilities

Remote FISMA Compliance information

How much do remote FISMA compliance jobs pay per year?

As of Jul 3, 2026, the average yearly pay for remote FISMA compliance in the United States is $152,036.00, according to ZipRecruiter salary data. Most workers in this role earn between $157,000.00 and $157,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Remote FISMA Compliance Specialist, and why are they important?

To thrive as a Remote FISMA Compliance Specialist, you need a thorough knowledge of information security, risk management, and federal compliance frameworks, often supported by certifications like CISSP or CISM. Familiarity with NIST SP 800-53 and with tools such as continuous monitoring platforms and vulnerability assessment systems is essential. Strong analytical thinking, attention to detail, and clear communication are vital soft skills for interpreting regulations and collaborating with distributed teams. These competencies ensure federal information systems remain secure, compliant, and resilient against evolving threats.

Can you make $200,000 in cyber security?

Remote FISMA Compliance roles in cybersecurity can offer salaries approaching or exceeding $200,000 for experienced professionals with specialized skills, certifications like CISSP or CISA, and extensive industry experience. Salary levels depend on factors such as location, company size, and individual expertise, with senior roles and government contracts often providing higher compensation.

Are compliance jobs well paid?

FISMA compliance jobs typically offer competitive salaries, especially for roles requiring cybersecurity knowledge, risk management skills, and security certifications. Salaries vary based on experience, location, and organization size, but these positions generally provide above-average pay within the cybersecurity field.

What is the difference between Remote FISMA Compliance vs Remote Cybersecurity Analyst?

| Aspect | Remote FISMA Compliance | Remote Cybersecurity Analyst |
|---|---|---|
| Certifications | FISMA, CISSP, CISA | CISSP, CompTIA Security+ |
| Work Environment | Government agencies, contractors | Private sector, corporations |
| Industry Usage | Federal agencies, defense | Various industries including finance, healthcare |
| Primary Focus | Ensuring compliance with FISMA regulations | Identifying and mitigating security threats |

Remote FISMA Compliance specialists focus on ensuring organizations adhere to FISMA regulations, often working with government agencies or contractors. In contrast, Remote Cybersecurity Analysts analyze security systems to prevent breaches across various industries. While both roles require security certifications, FISMA Compliance emphasizes regulatory adherence, whereas Cybersecurity Analysts focus on threat detection and response.

What is a Remote FISMA Compliance specialist?

A Remote FISMA Compliance specialist is a professional who ensures that an organization's information systems adhere to the security standards set by the Federal Information Security Management Act (FISMA) while working remotely. Their responsibilities include assessing security controls, conducting risk assessments, preparing compliance documentation, and coordinating audits to maintain federal compliance. They play a critical role in protecting sensitive government data and supporting organizations in meeting federal cybersecurity requirements, all while working from a remote location.

Can you make $500,000 a year in cyber security?

Remote FISMA Compliance roles in cybersecurity can offer high salaries, especially for senior positions with specialized skills, certifications like CISSP, and experience in government or regulated environments. Achieving a $500,000 annual income typically requires advanced expertise, leadership roles, or consulting work, which are less common but possible in the field. Most cybersecurity professionals earn lower salaries, but top-tier experts and executives can reach or exceed this level.

What are some common challenges faced by professionals in remote FISMA compliance roles?

One common challenge in remote FISMA compliance roles is ensuring consistent and secure communication with both internal teams and external auditors while handling sensitive data from offsite locations. Additionally, remote professionals must maintain up-to-date knowledge of evolving federal regulations and interpret how they apply to different systems without in-person collaboration. Effective time management and proactive coordination with IT, security, and compliance teams are crucial, as much of the work involves documentation, risk assessments, and continuous monitoring activities that require cross-functional input.

Can GRC jobs be remote?

GRC (Governance, Risk, and Compliance) jobs, including FISMA compliance roles, are often available remotely, especially in organizations that support telework. These positions typically require knowledge of security frameworks, compliance standards, and tools like GRC software, and many employers offer remote work options depending on the company's policies and the nature of the responsibilities.
Infographic showing various Remote FISMA Compliance job openings in the United States as of June 2026, with employment types broken down into 1% As Needed, 90% Full Time, 3% Part Time, and 6% Contract. Highlights a 94% Physical, 2% Hybrid, and 4% Remote job distribution, with an average salary of $152,036 per year, or $73.1 per hour.

DevSecOps & Site Reliability Engineering (SRE) Technical Director (Remote)

Oxley Enterprises®, Inc.

Stafford, VA • Remote

$58.25 - $77.50/hr

Full-time

Medical, Dental, Vision, Life, Retirement

Posted 10 days ago


Job description

The following states/districts are excluded from this job ad: AK, CA, CO, CT, DC, HI, LA, MA, MN, MO, NE, NV, NH, NJ, NM, NY, ND, OR, PR, RI, VT, WA, WY

Future Need - Actively Interviewing

Location: Remote in any United States jurisdiction not excluded from this job advertisement.

Lead the secure delivery and reliability engineering of a mission-critical VA cloud platform! As the DevSecOps & SRE Technical Director, you will support CI/CD pipeline architecture, platform reliability engineering, and automated delivery practices supporting the Department of Veterans Affairs (VA).

Position Description: The DevSecOps and Site Reliability Engineering (SRE) Technical Director provides senior technical leadership for all DevSecOps practices, SRE services, and automated delivery pipelines across the VA healthcare environment while ensuring CI/CD pipelines are secure, automated, and compliant.

Minimum/General Experience: 8 years of experience in DevSecOps, platform engineering, site reliability engineering, and technical leadership

Minimum Education: Bachelor's Degree in computer science, software engineering, information technology or related field

Essential Skills/Qualifications:

  • Expert experience providing technical leadership for DevSecOps and platform engineering activities supporting complex enterprise systems in a SAFe environment
  • Expert experience in cloud-native architectures, containerized environments, CI/CD pipelines, monitoring, and automated infrastructure management
  • Expert experience designing, implementing, and governing enterprise CI/CD pipeline architectures (e.g., Jenkins, GitLab CI, Tekton) in a Kubernetes/Elastic Kubernetes Service (EKS) environment
  • Expert knowledge of Infrastructure as Code (IaC) using Terraform
  • Expert ability to integrate Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), container scanning, and IaC scanning into delivery pipelines
  • Excellent experience enforcing secure software supply chain practices and zero-trust principles
  • Excellent experience enforcing IaC governance, automated testing, and policy-as-code across all environment types
  • Excellent experience with SRE practices (e.g., Service Level Indicators, objectives, agreements, error budget management, capacity planning, toil reduction via automation)
  • Excellent knowledge of advanced deployment strategies (e.g., blue/green, canary, rolling deployments) with automated rollback in Kubernetes environments
  • Excellent understanding of observability practices (e.g., logging, metrics, distributed tracing and integration with enterprise monitoring platforms (e.g., Dynatrace, Splunk))
  • Above average experience supporting Authority to Operate (ATO) processes, continuous authorization, and audit activities in a Federal Risk Management Framework (RMF) environment
  • Above average knowledge of PI Planning, DevSecOps maturity models, and DevOps metrics (e.g., deployment frequency, change failure rate, MTTR)
  • Working knowledge of VA OI&T security policies, FISMA compliance requirements, and NIST 800-53 control implementation in DevSecOps contexts
  • Experience supporting Federal Government programs and large-scale mission-critical applications operating in cloud or hybrid environments
  • Excellent written and verbal communication skills

General Physical Requirements needed to perform the essential functions of this job may vary based on the location of the assignment.

  • Assignment Location - Remote
  • Sedentary Work - Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects.
  • Typing, communicating, repetitive motions.
  • Close visual acuity to prepare and analyze data, view computer monitors and read. May need to view presentation screens and other visual aids in a virtual setting.
  • Inside environmental conditions with protection from outside elements.

Security: Active Federal Civilian Public Trust clearance

  • U.S. Citizenship or Permanent Resident that has lived in the United States for at least 3 years

Federal Civilian Public Trust Consists of a review of up to but not limited to:

  • Covers 10 year period and in some instances lifetime events
  • OPM Security Investigations Index (SII)
  • DOD Defense Central Investigations Index (DCII)
  • National Agency Check (NAC) records
  • FBI name check
  • FBI fingerprint check
  • Credit report check
  • Written inquiries to previous employers and references listed on the application for employment
  • Potential interviews with the subject, spouse, neighbors, supervisor, coworkers
  • Law enforcement check
  • Court records check
  • Education check - Attendance and Degrees

Acceptable Credentials

Tasks/Activities include, but are not limited to:

  • Maintains regular communication with the Contracting Officer's Representative (COR) and Government technical leadership regarding platform reliability, deployment activities, and operational improvements
  • Provides senior technical oversight for all DevSecOps and SRE activities ensuring platform delivery velocity, security posture, and operational resilience meet or exceed contractual performance objectives
  • Governs CI/CD pipeline architecture across all supported applications
  • Ensures 100% of pipelines integrate automated security testing (SAST/DAST/SCA/container scanning) and enforce environment segregation
  • Leads SRE practices including 24/7 on-call coverage governance, Golden Signal monitoring, Service Level Indicators/Objectives (SLI/SLO) definition, and incident response for all assigned applications
  • Ensures 100% of infrastructure components are provisioned and managed through approved IaC tooling
  • Enforces code reviews and approval cycle time of no more than 3 business days
  • Oversees implementation of advanced deployment strategies (e.g., blue/green, canary, rolling) with automated rollback mechanisms to minimize deployment risk to production services
  • Ensures all DevSecOps and SRE practices comply with VA security, privacy, and RMF requirements
  • Supports ATO and continuous authorization activities
  • Collaborates with leadership to align platform delivery, reliability, and observability strategies
  • Continuously evaluates and implements improvements to automation, security integration, and deployment efficiency
  • Improves DevSecOps metrics across the program

Compensation & Benefits: The annual projected pay range for this position is $104,528 - $135,714 with consideration being given to various factors including but not limited to qualifications, experience, job responsibilities, and geographic location.

Oxley Enterprises, Inc. offers a full array of benefits including:

  • Medical, dental, vision and prescription drug coverage for you and your family.
  • Life Insurance, short-term disability and long-term disability paid for by the Company.
  • Supplemental coverages including Accident, Critical Illness, and Hospital.
  • Additional Life insurance coverage for you and your dependents.
  • 401k plan with various options to select based on your retirement goals.

Oxley Enterprises®, Inc. is a certified service-disabled veteran-owned (SDVOSB), veteran-owned (VOSB), and woman-owned small business (WOSB) that has 26 years of experience building and delivering quality IT systems and programs. Oxley is ranked in the INC 5000 7 times (2016, 2017, 2018, 2021, 2023, 2024, 2025). Oxley is a 2019 - 2025 Department of Labor HIRE Vets Medallion Award Winner. Oxley is Virginia Values Veterans certified.

All qualified applicants will receive consideration for employment without regard to any status protected by applicable federal, state, or local law.

If you require a reasonable accommodation to apply for a position at Oxley Enterprises, Inc., please send an email to our Human Resources Department at: careers@oxleyenterprises.com with the following information:

Subject Line: Accommodation Request

Provide a description of your accommodation request

Include your contact information: Full name, Email address, Best number to reach you (optional)

We participate in the E-Verify program. http://www.dhs.gov/E-Verify