Job Details
Systems Analyst 3
2026-03-03 Compu-Vision Consulting all cities,AK
Description:
II. CANDIDATE SKILLS AND QUALIFICATIONS
Minimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity. Years Required/Preferred Experience 12 Required deep focus on: Governance, Risk, and Compliance (GRC), Enterprise Security and Security Architecture, Vulnerability Management and Penetration Testing , Cloud Security and hybrid environments 10 Required Proven experience owning SSP development end to end 10 Required Hands on experience with CMS MARS E v2.2 or comparable federal/state security frameworks 10 Required Strong expertise in: Control implementation documentation, Audit evidence collection and validation, POA&M creation, tracking, and remediation management 8 Required bility to translate technical security issues into compliance aligned remediation actions 8 Required Strong stakeholder management skills across security, infrastructure, and application teams 8 Required Excellent written and verbal communication skills, particularly for executive stakeholders 8 Required Knowledge of NIST 800 53, NIST RMF, and privacy controls 8 Required Knowledge of Secure SDLC and DevSecOps practices 5 Preferred Experience operating in multi-vendor, multi-platform environments 5 Preferred Demonstrated ability to reduce repeat audit findings and improve compliance maturity 5 Preferred Experience mentoring or guiding teams on security governance best practices 1 Preferred Experience supporting HHSC systems, including SSP development and compliance
Title: Systems Analyst 3
Location: Austin, TX
Duration: 6 months
Interview: In-Person
Position will be 3 days remote with 2 days (Mon & Thurs) required to be onsite at the location listed above
Job Description:
The Security Engineer will project work by leading security governance, compliance, and risk management activities, with a strong focus on System Security & Privacy Plans (SSP/SSPP).
This role bridges technical security operations and regulatory compliance, ensuring audit readiness, effective vulnerability remediation, and secure delivery of public-facing services across complex, multi-platform environments.
- Lead end to end System Security & Privacy Plan (SSP/SSPP) development, maintenance, and updates for enterprise systems
- Drive remediation activities through POA&M management, ensuring timely closure of compliance gaps
- Translate penetration testing and vulnerability findings into actionable remediation work items (EPICs/user stories)
- Coordinate with application, infrastructure, and security teams to validate remediation through re-testing and evidence
- Oversee risk-based vulnerability management, including prioritisation and SLA-driven remediation
- Provide governance oversight for endpoint protection, web application security, and cloud security controls
- Produce assessor ready documentation, including configurations, monitoring evidence, approvals, and incident traceability
- Support continuous audit readiness and reduce repeat findings through disciplined governance and documentation practices
II. CANDIDATE SKILLS AND QUALIFICATIONS
Minimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity. Years Required/Preferred Experience 12 Required deep focus on: Governance, Risk, and Compliance (GRC), Enterprise Security and Security Architecture, Vulnerability Management and Penetration Testing , Cloud Security and hybrid environments 10 Required Proven experience owning SSP development end to end 10 Required Hands on experience with CMS MARS E v2.2 or comparable federal/state security frameworks 10 Required Strong expertise in: Control implementation documentation, Audit evidence collection and validation, POA&M creation, tracking, and remediation management 8 Required bility to translate technical security issues into compliance aligned remediation actions 8 Required Strong stakeholder management skills across security, infrastructure, and application teams 8 Required Excellent written and verbal communication skills, particularly for executive stakeholders 8 Required Knowledge of NIST 800 53, NIST RMF, and privacy controls 8 Required Knowledge of Secure SDLC and DevSecOps practices 5 Preferred Experience operating in multi-vendor, multi-platform environments 5 Preferred Demonstrated ability to reduce repeat audit findings and improve compliance maturity 5 Preferred Experience mentoring or guiding teams on security governance best practices 1 Preferred Experience supporting HHSC systems, including SSP development and compliance