Cybersecurity Risk and Compliance Analyst

Job Category: Technology and IT
Job Type: Remote Contract
Job Location: USA
Salary: $45/hr

Company Overview

Centurion Consulting Group, LLC is a Woman-Owned Small Business headquartered in Herndon, VA, strategically located near Washington, D.C. We are a nationally recognized consulting firm that provides tailored solutions to complex business and technology challenges across both the public and private sectors.

With over 40 years of combined leadership experience in IT staffing, federal contracting, and professional services, our executive team has successfully partnered with more than 10,000 consultants and hundreds of clients — from Fortune 100 enterprises to Inc. 5000 companies. Our industry expertise spans banking, education, federal and state government, financial services, healthcare, hospitality, insurance, non-profit, technology, telecommunications, and more.

Built on a strong foundation of industry insight and entrepreneurial success, Centurion was established to bring forward a mission-driven approach — one that blends business excellence with social responsibility.

Position Overview

Centurion Consulting Group is seeking an experienced Subject Matter Expert (SME) to support a federal cybersecurity compliance initiative. The SME will offer strategic and technical guidance in assessing, documenting, and enhancing cybersecurity controls in alignment with federal standards, particularly NIST Special Publication 800-53 Revision 5. This role requires hands-on experience conducting control assessments, supporting risk management efforts, and developing documentation that aligns with federal information security compliance frameworks.


Primary Responsibilities

  • Perform security control assessments to evaluate management, operational, assurance, and technical safeguards on federal information systems.

  • Assess effectiveness of implemented controls to confirm they are correctly deployed, functioning as intended, and meeting organizational requirements.

  • Interpret and apply NIST 800-53A Revision 5 testing methods during control evaluations.

  • Provide technical guidance to improve policies, procedures, and documentation in support of organizational security assessment programs.

  • Lead the modernization and ongoing enhancement of documentation artifacts such as Technical System Security Requirements (TSSR) and Security Evaluation Questionnaires (SEQ).

  • Deliver support for both cloud and on-premises environments in relation to data privacy and cybersecurity compliance.

  • Contribute to pre- and post-assessment planning and administrative activities.

  • Collaborate with internal teams and partner agencies to ensure risk management objectives align with broader organizational goals.

  • Produce, refine, and maintain high-quality documentation and deliverables in support of compliance, risk mitigation, and governance processes.

  • Support technical assistance initiatives to ensure complete and effective implementation of security controls across systems.


Required Skills and Qualifications

  • Bachelor’s degree and a minimum of 3 years of relevant experience, or Master’s degree with at least 1 year of relevant experience, or 7+ years of direct experience in lieu of a degree.

  • At least 2 years of experience in security control assessment, specifically using NIST frameworks.

  • Demonstrated expertise in interpreting and applying NIST 800-53 Rev. 5, NIST 800-53A, and related publications such as NIST SP 800-37, SP 800-30, SP 800-39, and FIPS guidelines.

  • Strong understanding of federal compliance requirements, OMB directives, and agency-specific security policies.

  • Exceptional business documentation and technical writing skills — ability to produce clear, concise, and actionable documentation.

  • Advanced proficiency in Microsoft Excel, with experience developing and managing complex spreadsheets for assessment tracking and reporting.

  • Must currently hold or be able to obtain a relevant cybersecurity certification, such as:

    • CompTIA Security+

    • Certified Information Systems Security Professional (CISSP)

    • Certified Information Security Manager (CISM)

    • Certified Authorization Professional (CAP)


Preferred/Desired Skills

  • Prior experience supporting cybersecurity activities under the Risk Management Framework (RMF) using NIST guidance.

  • Experience interacting with the Social Security Administration (SSA) or other federal partners, including interpreting existing interagency agreements.

  • Proven ability to produce detailed business and technical documentation tailored to RMF compliance requirements.

  • Familiarity with providing technical and privacy guidance for both cloud-based environments and data protection programs.


This opportunity is ideal for a motivated and detail-oriented professional with a strong background in federal cybersecurity compliance, technical documentation, and NIST-based security control assessment. Join Centurion Consulting Group and help drive critical information security initiatives that support federal mission success.
