Cybersecurity Compliance Analyst (AI)

TL;DR

Cybersecurity Compliance Analyst (AI): Managing overall compliance posture of systems implementing an ATO Automation Platform with an accent on coordinating with security assessors and Authorizing Officials, and ensuring all compliance artifacts meet federal requirements. Focus on translating technical security implementations into compliance documentation and managing the Authority to Operate (ATO) process.

Location: Onsite in Annapolis Junction, Maryland

Company

hirify.global is a leading provider of AI-powered decision intelligence solutions for national security, supply chain management, and digital identity.

What you will do

• Manage end-to-end ATO processes leveraging the ATO Automation Platform’s automated documentation generation capabilities.
• Review and validate AI-generated System Security Plans (SSPs), Security Assessment Plans (SAPs), and Plan of Action & Milestones (POA&Ms).
• Conduct gap analyses comparing current system implementations against FedRAMP, CMMC, and NIST 800-53 requirements using ATO Automation Platform’s assessment features.
• Coordinate with Third-Party Assessment Organizations (3PAOs) during security assessments and provide evidence collected through an ATO Automation Platform’s automated mechanisms.
• Maintain compliance documentation currency by leveraging ATO Automation Platform’s code-driven documentation approach that automatically updates artifacts as systems change.
• Prepare monthly continuous monitoring deliverables for Authorizing Officials and security stakeholders.

Requirements

• Bachelor's Degree with a Technical concentration with at least 10 years of professional experience.
• TS/SCI with an active Poly clearance
• Deep expertise in federal compliance frameworks: FedRAMP (Low/Moderate/High), NIST 800-53 Rev 5, CMMC 2.0.
• Experience managing ATO processes and working with Authorizing Officials and 3PAOs.
• Strong understanding of Risk Management Framework (RMF) and security assessment methodologies.
• Proficiency in compliance documentation standards including SSPs, SAPs, SAPs, POA&Ms.

Nice to have

• Prior experience with AI-driven or automated compliance platforms.
• Familiarity with OSCAL data formats and machine-readable compliance artifacts.
• Experience with DoD Security Requirements Guide (SRG) or Intelligence Community compliance requirements.
• Knowledge of GovRAMP or state-level compliance frameworks.
• Certifications: Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), FedRAMP training certifications.

Culture & Benefits

• Equal opportunity employer for all protected groups, including protected veterans and individuals with disabilities.