Cybersecurity Compliance Anayst jobs in United States
cer-icon
Apply on Employer Site
company-logo

BigBear.ai · 18 hours ago

Cybersecurity Compliance Anayst

positionAnnapolis Junction, MD
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
date10+ years exp

BigBear.ai is seeking a Cybersecurity Compliance Analyst to manage the overall compliance posture of systems implementing an ATO Automation Platform. The role involves translating technical security implementations into compliance documentation and managing the Authority to Operate (ATO) process.

Artificial Intelligence (AI)GovernmentInformation TechnologyMachine LearningNational SecurityService Industry
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Manage end-to-end ATO processes leveraging the ATO Automation Platform’s automated documentation generation capabilities to reduce timelines from months to weeks
Review and validate AI-generated System Security Plans (SSPs), Security Assessment Plans (SAPs), and Plan of Action & Milestones (POA&Ms)
Conduct gap analyses comparing current system implementations against FedRAMP, CMMC, and NIST 800-53 requirements using ATO Automation Platform’s assessment features
Coordinate with Third-Party Assessment Organizations (3PAOs) during security assessments and provide evidence collected through an ATO Automation Platform’s automated mechanisms
Customize ATO Automation Platform compliance templates to incorporate customer-specific security overlays and organizational requirements
Monitor compliance status dashboards and triage findings identified through continuous automated scanning
Maintain compliance documentation currency by leveraging ATO Automation Platform’s code-driven documentation approach that automatically updates artifacts as systems change
Prepare monthly continuous monitoring deliverables for Authorizing Officials and security stakeholders
Customize the ATO Automation Platform’s FedRAMP Moderate baseline template to include Intelligence Community Directive 503 overlay controls
Review AI-generated control implementation statements for AC-2 (Account Management) and validate against actual IAM configurations
Coordinate initial readiness assessment with 3PAO, providing evidence packages auto-generated by the ATO Automation Platform
Configure the ATO Automation Platform to map customer’s AWS security group configurations to SC-7 (Boundary Protection) control requirements
Generate monthly POA&M updates using the ATO Automation Platform’s automated vulnerability tracking and remediation status features

Qualification

FedRAMP complianceNIST 800-53CMMC 2.0ATO processes managementRisk Management FrameworkCompliance documentation standardsContinuous monitoringCloud security modelsAI-driven compliance platformsOSCAL data formatsCISSP certificationCAP certificationSupply chain risk management

Required

Bachelor's Degree with a Technical concentration with at least 10 years of professional experience
TS/SCI with an active Poly clearance
Deep expertise in federal compliance frameworks: FedRAMP (Low/Moderate/High), NIST 800-53 Rev 5, CMMC 2.0
Experience managing ATO processes and working with Authorizing Officials and 3PAOs
Strong understanding of Risk Management Framework (RMF) and security assessment methodologies
Proficiency in compliance documentation standards including SSPs, SAPs, SAPs, POA&Ms
Knowledge of federal information security regulations (FISMA, DFARS clauses)
Experience with continuous monitoring requirements and reporting
Understanding of cloud security models and shared responsibility frameworks
Ability to interpret technical security configurations and translate them into compliance language

Preferred

Prior experience with AI-driven or automated compliance platforms
Familiarity with OSCAL data formats and machine-readable compliance artifacts
Experience with DoD Security Requirements Guide (SRG) or Intelligence Community compliance requirements
Knowledge of GovRAMP or state-level compliance frameworks
Certifications: Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), FedRAMP training certifications
Understanding of supply chain risk management and SBOM requirements
Experience working in classified or air-gapped environments
Background in federal procurement and contract compliance

Company

BigBear.ai

twittertwittertwitter
company-logo
BigBear.ai's mission is to deliver clarity for the world's most complex decisions.
dateFounded in 2020
location
Fairfax, Virginia, USA
people-size501-1000 employees
web-link
https://www.bigbear.ai

Funding

Current Stage
Public Company
Total Funding
$225M
2023-01-17Post Ipo Equity· $25M
2021-12-08Post Ipo Debt· $200M
2021-12-08IPO

Leadership Team

leader-logo
Sean Ricker
Chief Financial Officer
linkedin

Recent News

Morningstar.com
BigBear.ai Partners with the Kraft Group and New England Patriots to Drive Digital Transformation Efficiencies
2026-01-11
thefly.com
BigBear.ai forms AI-driven partnership with Kraft Group and Patriots
2026-01-11
The Motley Fool
Down 20%, Should You Buy the Dip on BigBear.ai (BBAI) Stock?
2026-01-11
Company data provided by crunchbase