Join our Talent Network >

FISMA Audit Analyst

Job ID: 2113806
Location: WASHINTON, DC, United States
Date Posted: Sep 16, 2021
Category: Cyber
Subcategory: Cyber GRC
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: No
Benefits: Click here

Share: mail

Job Description


SAIC is seeking a FISMA Audit Analyst to work in the Washington, DC area. This is support the Department of Health and Human Services (HHS) cybersecurity mission to ensure HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance the program to ensure HHS has the capability and capacity to respond to new and emerging requirements, technologies and threats.

The FISMA Audit Analyst will support FISMA audit activities for the HHS OIS cybersecurity compliance team.

  • Prepare and educate Department and OpDiv stakeholders for audits (i.e. FISMA).
  • Coordinate all audit activities to ensure prompt and accurate communication and submission of evidence.
  • Maintain accurate records on the status of all audit reports, recommendations, and remediation.
  • Provide analysis of audit recommendations, resolution, and corrective action.
  • Provide department-wide audit trends and recommend solutions.
  • Coordinate resolution and corrective action on recommendations involving the Department and OpDivs.
  • Attend audit meetings.
  • Review OpDiv and Department audit Maturity Models.
  • Facilitate Department audit walkthroughs (meetings) with OIG and the Department POC.
  • Review draft and final annual FISMA OIG audit reports.
  • Review audit reports, respond to requests for information, and monitor/track audit remediation.


Required Experience:

  • Bachelors and five (5) years or more experience; Masters and three (3) years or more experience
  • 5 years of relevant FISMA experience.
  • 3 years of relevant FISMA audit-specific.

Certification Requirement: Industry standard cybersecurity certification, e.g. Security+, CISM.

Education Requirement: Bachelor’s degree in Computer Science, Information Systems, Engineering or related field. May accept an additional 4 years of relevant experience in lieu of a degree.  

Clearance Requirement: Ability to obtain and maintain a Public Trust.


COVID Policy: Prospective and/or new employees will be required to adhere with SAIC's vaccination policy. Full vaccination will be required before the start of employment in order to work onsite at an SAIC location. If applicable, prospective or new employees may seek an exemption to the vaccination requirement at Contact Us and must have an approved exemption prior to the start of their employment. Employees working onsite at a customer location must comply with customer requirements which may include mandatory vaccination, mandatory attestation regarding one's vaccination status and mandatory weekly or bi-weekly testing.


SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.

Share: mail