Federal Security Compliance Analyst

Federal Security Compliance Analyst Location: Remote, USA Employment Type: Full-Time Compensation: $78,500.00 - $98,250.00 (Range applies to US candidates only) + Benefits/Variable Comp/Equity - Range may vary based on experience.Benefits Offered: Vision, Medical, Life, Dental, 401K Summary OneStream is seeking an experienced and driven Federal Security Compliance Analyst to oversee compliance with federal, state, and local laws and regulations related to processing governmental data in a cloud environment. The Federal Security Compliance Analyst acts as a liaison for key internal and external stakeholders and provides management with recommendations for policy, procedure, and practice improvements. Primary Duties and Responsibilities • Develop, maintain, and refine detailed System Security Plans (SSPs) that accurately document system installations, security provisions, and operational realities. • Verify SSP implementation by confirming required security controls are in place, properly tested, and functioning as described. • Ensure all system security documentation is current, well organized, and accessible to appropriately authorized personnel. • Coordinate and facilitate independent security assessments conducted by Third-Party Assessment Organizations (3PAOs), and apply findings to strengthen compliance and security posture. • Lead and execute continuous monitoring in accordance with NIST 800-137, partnering with stakeholders to rapidly identify, track, and remediate vulnerabilities. • Produce comprehensive security status reports, highlighting risks or gaps and providing clear, well-informed remediation recommendations. • Serve as the primary point of contact for federal customers and officials, managing authorization-related communications, answering inquiries, delivering continuous monitoring artifacts, and ensuring alignment with evolving federal requirements. • Create, document, and maintain Plans of Actions and Milestones (POA&Ms) to address non-compliance within established timelines. • Maintain expert working knowledge of NIST 800-53 controls, determine applicability to the application, and validate control implementation. • Verify required hardening standards are implemented, including DISA STIGs and/or CIS Benchmarks, where applicable. • Conduct ongoing security reviews, testing, and compliance gap analyses for existing systems and new products to meet current and future federal framework needs. • Drive FedRAMP and DoD Impact Level 4 education and awareness initiatives, promoting compliance importance and system security best practices across staff. Required Education and Experience • Minimum of 5 years of professional experience in compliance, cybersecurity, or a related field, or an equivalent combination of experience and relevant certifications (e.g., CISA, CISSP). • Hands-on experience with NIST 800-53, FedRAMP, and/or the DoD Security Requirements Guide (SRG). • Demonstrated history of planning and conducting security assessments. • Ability to serve as an effective liaison across technical and non-technical stakeholders. • Proven ability to collaborate successfully within small teams and excel in a fast-paced, continuously evolving environment. • Track record of building and maintaining strong, sustainable working relationships internally, with customers, and with external partners. • Excellent verbal and written communication skills, including the ability to clearly articulate business rationale and recommendations. • Strong organizational skills with consistent attention to detail and quality. Preferred Education and Experience • Working knowledge of cloud computing services and deployment architectures. • Familiarity with Microsoft Azure and its security/compliance features. • Strong technical foundation with the ability to partner closely with engineering and technical teams to implement and validate security controls. Knowledge, Skills, and Abilities • Self-motivated and results-oriented, with a proactive, ownership mindset. • Strong ability to manage multiple priorities, multitask effectively, and deliver in a deadline-driven environment. • Flexible and adaptable, with comfort navigating change and shifting business needs. • Works effectively both independently and collaboratively as part of a team. • Maintains a highly professional, approachable, and service-focused demeanor. • Confident communicating and partnering with stakeholders at all levels, including senior leadership. Who We Are OneStream is how today's Finance teams can go beyond just reporting on the past and Take Finance Further™ by steering the business to the future. It's the only enterprise finance platform that unifies financial and operational data, embeds AI for better decisions and productivity, and empowers the CFO to become a critical driver of business strategy and execution. Our vision is to be the operating system for modern finance, digitizing core financial functions and empowering the CFO to become a critical driver of business strategy. To learn more visit www.onestream.com. Why Join The OneStream Team • Transparency around corporate structure, salary, and benefits • Core value of customer success • Variety of project work (not industry-specific) • Strong culture and camaraderie • Multiple training opportunities Benefits at OneStream OneStream employees are passionate, hardworking individuals who go above and beyond to keep our customers happy and follow through on our mission statement. They consistently deliver the best and in turn, we make every effort to keep them cared for and happy. A sample of the benefits we provide are: • Excellent Medical Plan • Dental & Vision Insurance • Life Insurance • Short & Long Term Disability • Vacation Time • Paid Holidays • Professional Development • Retirement Plan All candidates must be legally authorized to work for any company in the country where this position is located without sponsorship. OneStream is an Equal Opportunity Employer. #LI-CB1 #LI-Remote Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor. Apply tot his job