Job Specifications
Security Systems Analyst
Austin, TX
Long term contract
Hybrid, In-Person Interview
The Security Engineer will project work by leading security governance, compliance, and risk management activities, with a strong focus on System Security & Privacy Plans (SSP/SSPP). This role bridges technical security operations and regulatory compliance, ensuring audit readiness, effective vulnerability remediation, and secure delivery of public-facing services across complex, multi-platform environments.
• Lead end to end System Security & Privacy Plan (SSP/SSPP) development, maintenance, and updates for enterprise systems
• Drive remediation activities through POA&M management, ensuring timely closure of compliance gaps
• Translate penetration testing and vulnerability findings into actionable remediation work items (EPICs/user stories)
• Coordinate with application, infrastructure, and security teams to validate remediation through re-testing and evidence
• Oversee risk-based vulnerability management, including prioritization and SLA-driven remediation
• Provide governance oversight for endpoint protection, web application security, and cloud security controls
• Produce assessor ready documentation, including configurations, monitoring evidence, approvals, and incident traceability
• Support continuous audit readiness and reduce repeat findings through disciplined governance and documentation practices
Minimum Requirements:
12 Required deep focus on: Governance, Risk, and Compliance (GRC), Enterprise Security and Security Architecture, Vulnerability Management and Penetration Testing , Cloud Security and hybrid environments
10 Required Proven experience owning SSP development end to end
10 Required Hands on experience with CMS MARS E v2.2 or comparable federal/state security frameworks
10 Required Strong expertise in: Control implementation documentation, Audit evidence collection and validation, POA&M creation, tracking, and remediation management
8 Required Ability to translate technical security issues into compliance aligned remediation actions
8 Required Strong stakeholder management skills across security, infrastructure, and application teams
8 Required Excellent written and verbal communication skills, particularly for executive stakeholders
8 Required Knowledge of NIST 800 53, NIST RMF, and privacy controls
8 Required Knowledge of Secure SDLC and DevSecOps practices
5 Preferred Experience operating in multi-vendor, multi-platform environments
5 Preferred Demonstrated ability to reduce repeat audit findings and improve compliance maturity
5 Preferred Experience mentoring or guiding teams on security governance best practices
1 Preferred Experience supporting HHSC systems, including SSP development and compliance
Email: naveed@avitalstaffing.com
About the Company
We are a Business & Information Technology Consulting firm that specializes in delivering quality professional staffing services and technology solutions to meet the changing needs of or our clients. Since the inception, Athomtech has provided development consulting services as and when needed from a key consultant to an entire project team. Our team is focused on customer service and firmly believe in the Return-On-Investment (ROI) on every solution we provide and every initiative we undertake with our clients. We connect p...
Know more