Overview This is aremote role in NC, AZ, and TX. We are seeking a highly skilled Cyber Security Analyst with a strong background in application security and vulnerability management. This role ...
Overview This is aremote role in NC, AZ, and TX. We are seeking a highly skilled Cyber Security Analyst with a strong background in application security and vulnerability management. This role ...
Overview This is a remote role that may only be hired in the following location(s): Arizona, Texas, or North Carolina. This position ensures the technological and digital security of the Bank. The ...
Overview This is a remote role that may only be hired in the following location(s): Arizona, Texas, or North Carolina. This position ensures the technological and digital security of the Bank. The ...
Overview This is a remote role that may only be hired in the following location(s): Arizona, Texas, or North Carolina. This position ensures the technological and digital security of the Bank. The ...
Overview This is a remote role that may only be hired in the following location(s): Arizona, Texas, or North Carolina. This position ensures the technological and digital security of the Bank. The ...
Cyber Security Engineer III - SailPoint
Carolina, RI · Remote
$130K - $168K/yr
Remote with ability to travel to Raleigh, North Carolina, Phoenix, Arizona on an as needed basis. This position leads daily engineering, operations, analysis, management, and administration of tools ...
Cyber Security Engineer III - SailPoint
Carolina, RI · Remote
$130K - $168K/yr
Remote with ability to travel to Raleigh, North Carolina, Phoenix, Arizona on an as needed basis. This position leads daily engineering, operations, analysis, management, and administration of tools ...
Cyber Security Engineer III - SailPoint
Carolina, RI · Remote
$130K - $168K/yr
Remote with ability to travel to Raleigh, North Carolina, Phoenix, Arizona on an as needed basis. This position leads daily engineering, operations, analysis, management, and administration of tools ...
Cyber Security Engineer III - SailPoint
Carolina, RI · Remote
$130K - $168K/yr
Remote with ability to travel to Raleigh, North Carolina, Phoenix, Arizona on an as needed basis. This position leads daily engineering, operations, analysis, management, and administration of tools ...
Overview This is a remote role that may be hired in North Carolina. This position supports Information Security and Cyber Threat management programs within the Bank at a complex level of ability.
Overview This is a remote role that may be hired in North Carolina. This position supports Information Security and Cyber Threat management programs within the Bank at a complex level of ability.
Cyber Security Engineer I - PAM Engineer
Carolina, RI · On-site +1
Overview This is a remote role that can be hired in NC, AZ, and TX. We are looking for a motivated Privileged Access Management (PAM) Engineer to join our Information Security team. This role is ...
Cyber Security Engineer I - PAM Engineer
Carolina, RI · On-site +1
Overview This is a remote role that can be hired in NC, AZ, and TX. We are looking for a motivated Privileged Access Management (PAM) Engineer to join our Information Security team. This role is ...
Cyber Security Engineer I - PAM Engineer
Carolina, RI · On-site +1
Overview This is a remote role that can be hired in NC, AZ, and TX. We are looking for a motivated Privileged Access Management (PAM) Engineer to join our Information Security team. This role is ...
Cyber Security Engineer I - PAM Engineer
Carolina, RI · On-site +1
Overview This is a remote role that can be hired in NC, AZ, and TX. We are looking for a motivated Privileged Access Management (PAM) Engineer to join our Information Security team. This role is ...
Remote Rmf information
See Newport, RI salary details
$29.7K - $42.6K
23% of jobs
$46.3K is the 25th percentile. Wages below this are outliers.
$42.6K - $55.4K
6% of jobs
$55.4K - $68.3K
5% of jobs
$68.3K - $81.2K
6% of jobs
The median wage is $89.6K / yr.
$81.2K - $94.1K
14% of jobs
$94.1K - $107K
8% of jobs
$107K - $119.9K
12% of jobs
$120.3K is the 75th percentile. Wages above this are outliers.
$119.9K - $132.8K
8% of jobs
$132.8K - $145.7K
8% of jobs
$145.7K - $158.5K
5% of jobs
$158.5K - $171.4K
3% of jobs
$29.7K
$95.4K
$171.4K
How much do remote rmf jobs pay per year?
What is a Remote RMF job?
A Remote RMF (Risk Management Framework) job involves managing cybersecurity risk and compliance for an organization while working remotely. Professionals in this role ensure that IT systems align with federal security standards, such as those outlined by NIST. Responsibilities may include conducting risk assessments, implementing security controls, and maintaining compliance documentation. Remote RMF specialists often work with government agencies, contractors, or private companies handling sensitive data. This position requires expertise in cybersecurity policies, risk management, and regulatory compliance.
What are the typical daily responsibilities of a Remote RMF Specialist?
As a Remote RMF Specialist, your daily responsibilities often include conducting security assessments, preparing and reviewing authorization packages, and ensuring ongoing compliance with federal information security standards. You'll collaborate with cross-functional teams to identify risks, develop mitigation strategies, and document security control implementations. Regular communication with stakeholders, participation in virtual meetings, and continual monitoring of systems and processes to ensure compliance are also core aspects of the job. This role leverages remote work tools to collaborate effectively with cybersecurity, IT, and compliance professionals across multiple locations.
What are the key skills and qualifications needed to thrive in the Remote Rmf position, and why are they important?
To thrive as a Remote RMF (Risk Management Framework) Specialist, you need a strong understanding of information security principles, federal risk management frameworks (such as NIST SP 800-37), and relevant cybersecurity policies, typically backed by a degree in information security or related field. Familiarity with security assessment tools, governance, risk, and compliance (GRC) software, as well as certifications like CISSP, CAP, or CISM, is highly valued. Excellent organizational skills, attention to detail, and the ability to communicate complex security concepts clearly are important soft skills. These capabilities are critical to ensure regulatory compliance and robust information system security in a remote work context.

Cyber Security Analyst III - App Security & Vulnerability (Remote)
Carolina, RI • On-site, Remote
Full-time
Posted 16 days ago
First Citizens Bank rating
7.5
Based on 104 frontline employees who took The Breakroom Quiz
92nd of 149 rated banks
Job description
This is aremote role in NC, AZ, and TX.
We are seeking a highly skilled Cyber Security Analyst with a strong background in application security and vulnerability management. This role focuses on identifying, analyzing, and mitigating security risks across software development pipelines using SAST, DAST, and SCA tools. The ideal candidate combines hands-on technical expertise with knowledge of modern security practices and emerging technologies, including AI/ML.
Responsibilities
Application Security & Code Analysis
- Perform static (SAST), dynamic (DAST), and software composition analysis (SCA) to identify vulnerabilities in applications and third-party components
- Analyze scan results, triage findings, and prioritize remediation efforts based on risk
- Partner with development teams to remediate vulnerabilities and improve secure coding practices
Vulnerability Management
- Conduct regular security assessments and vulnerability scans across applications and environments
- Validate and reproduce vulnerabilities, including false positive elimination
- Track and report vulnerability metrics, risk trends, and remediation progress
Security Tools & Automation
- Configure, deploy, and maintain security scanning tools (e.g., Checkmarx, Veracode, Fortify, Snyk, Burp Suite, OWASP ZAP)
- Automate security testing processes using scripting or APIs
- Improve scanning efficiency and coverage through tuning and optimization
#LI-IK1
Qualifications
Bachelor's Degree and 6 years of experience in Information Security OR High School Diploma or GED and 10 years of experience in Information Security
Required Qualifications
- Hands-on experience with:
- SAST, DAST, and SCA tools
- Web application security testing (OWASP Top 10, API security)
- Strong understanding of:
- Secure software development lifecycle (SDLC / DevSecOps)
- Common vulnerabilities (e.g., injection, XSS, authentication flaws)
- Proficiency in one or more programming/scripting languages (e.g., Python, Java, JavaScript, Bash)
- Experience interpreting and prioritizing scan results and remediation plans
Preferred Qualifications
- Experience integrating security tools into CI/CD pipelines (e.g., Jenkins, GitHub Actions, Azure DevOps)
- Familiarity of container and cloud security (AWS, Azure, GCP)
- Familiarity with AI/ML concepts and security implications
- Industry certifications such as:
- CEH, Security+, SSCP, GIAC or comparable.
Key Skills
- Strong analytical and problem-solving skills
- Provide risk-based recommendations to stakeholders
- Ability to communicate technical findings to both technical and non-technical stakeholders
- Experience working cross-functionally with development and engineering teams
- Attention to detail with a risk-based security mindset
Nice-to-Have Experience
- API security testing tools (Postman, SoapUI)
- AI-assisted security tooling (e.g., anomaly detection, code analysis assistants)
- Knowledge of regulatory frameworks (NIST, ISO 27001, SOC 2)
- AI/ML & Emerging Technologies
- Leverage AI/ML-based security tools for enhanced detection and analysis
- Assess risks related to AI/ML models (e.g., data poisoning, model inversion, adversarial attacks)
- Participate in securing AI-driven applications and data pipelines
- Threat Analysis & Risk Management
- Assess potential threats and attack vectors relevant to applications and APIs
- Apply threat modeling techniques (e.g., STRIDE) during development lifecycle
Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits.
Qualifications:Bachelor's Degree and 6 years of experience in Information Security OR High School Diploma or GED and 10 years of experience in Information Security
Required Qualifications
- Hands-on experience with:
- SAST, DAST, and SCA tools
- Web application security testing (OWASP Top 10, API security)
- Strong understanding of:
- Secure software development lifecycle (SDLC / DevSecOps)
- Common vulnerabilities (e.g., injection, XSS, authentication flaws)
- Proficiency in one or more programming/scripting languages (e.g., Python, Java, JavaScript, Bash)
- Experience interpreting and prioritizing scan results and remediation plans
Preferred Qualifications
- Experience integrating security tools into CI/CD pipelines (e.g., Jenkins, GitHub Actions, Azure DevOps)
- Familiarity of container and cloud security (AWS, Azure, GCP)
- Familiarity with AI/ML concepts and security implications
- Industry certifications such as:
- CEH, Security+, SSCP, GIAC or comparable.
Key Skills
- Strong analytical and problem-solving skills
- Provide risk-based recommendations to stakeholders
- Ability to communicate technical findings to both technical and non-technical stakeholders
- Experience working cross-functionally with development and engineering teams
- Attention to detail with a risk-based security mindset
Nice-to-Have Experience
- API security testing tools (Postman, SoapUI)
- AI-assisted security tooling (e.g., anomaly detection, code analysis assistants)
- Knowledge of regulatory frameworks (NIST, ISO 27001, SOC 2)
- AI/ML & Emerging Technologies
- Leverage AI/ML-based security tools for enhanced detection and analysis
- Assess risks related to AI/ML models (e.g., data poisoning, model inversion, adversarial attacks)
- Participate in securing AI-driven applications and data pipelines
- Threat Analysis & Risk Management
- Assess potential threats and attack vectors relevant to applications and APIs
- Apply threat modeling techniques (e.g., STRIDE) during development lifecycle
Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits.
Education:UNAVAILABLEEmployment Type: FULL_TIMEWhat First Citizens Bank employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom