[Remote] Security & Compliance Analyst (for Proposal bid)
Note: This is a remote job open to candidates in the USA. Dynamo Technologies, LLC is a full lifecycle digital transformation company providing technology and mission support services. The Security & Compliance Analyst will ensure that cloud modernization activities for Rural Development applications meet federal security, privacy, and compliance requirements.
Responsibilities
• Conduct application-level security architecture reviews and gap assessments against USDA security baselines, FedRAMP, FISMA, and NIST 800-53 control requirements
• Develop and maintain security control traceability, mapping application architectures and implementations to NIST 800-53 and USDA/OCIO requirements, including FIPS 199 categorization and FISMA alignment
• Prepare, review, and maintain ATO and RMF documentation for modernized applications, including SSP, PIA, PTA, ISA, MOU, and supporting artifacts
• Track and support remediation of security findings and POA&Ms, coordinating with engineering, DevSecOps, and OCIO security teams to ensure timely closure and accurate status reporting
• Advise on secure logging, monitoring, and audit strategies using OCIO-approved, CSP-native tools (e.g., Azure Monitor, AWS CloudWatch) while avoiding duplication of OCIO enterprise responsibilities
• Validate that DevSecOps pipelines include appropriate security scanning, compliance checks, and audit logging to meet FedRAMP, FISMA, and NIST 800-53 requirements
• Support Section 508, records management, and privacy obligations as they relate to application modernization deliverables, including verification that artifacts and solutions meet USDA accessibility and records standards
• Participate in risk assessments, change reviews, and modernization planning to identify security and compliance impacts and recommend mitigation strategies
• Contribute to security-related training, operational runbooks, incident response playbooks, and knowledge transfer materials for RD operations and security teams
Skills
• In-depth knowledge of FedRAMP, FISMA, NIST 800-53, RMF, and federal security and privacy statutes and policies applicable to USDA
• Demonstrated experience preparing and maintaining ATO documentation (SSP, PIA, PTA, ISA, MOU) and supporting POA&M tracking and remediation
• One or more relevant security certifications (e.g., CISSP, CISM, CISA, CCSP or similar)
• Familiarity with cloud security concepts and controls in major CSPs (e.g., Azure, AWS), including logging, monitoring, identity and access management, and encryption
• U.S. Citizenship required
• Bachelor's degree in Cybersecurity, Information Assurance, Information Systems, or a closely related field
• Minimum 5 years of experience in federal IT security, compliance, and risk management, preferably with cloud or hybrid environments
• Ability to obtain a Public Trust
• Prior experience supporting security and compliance for federal cloud migration or modernization projects, ideally within FedRAMP Moderate or higher environments
• Experience collaborating with ISSOs, system owners, AO organizations, and enterprise security teams to navigate RMF and ATO processes
• Knowledge of Section 508 accessibility requirements, federal records management obligations, and USDA or similar departmental directives
Company Overview
• Dynamo Technologies is a management consulting company providing services in the cloud, infrastructure, and software solutions. It was founded in 2012, and is headquartered in Vienne-en-val, Centre, FRA, with a workforce of 51-200 employees. Its website is http://dynamotechnologies.com.