Be a part of it. Join the #AccelFamily

FedRAMP Information Security Risk Analyst - Hybrid/Columbia MD



Columbia, MD, USA
Posted on Monday, July 1, 2024

Who is Tenable?

Tenable® is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey!

What makes Tenable such a great place to work?

Ask a member of our team and they’ll answer, “Our people!” We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you’re part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!

Your Role:

Join our InfoSec team at Tenable as a hands-on (Mid) Risk and Compliance Analyst. Drive compliance and assurance efforts for our products and cloud services while assisting with external risk assessments, security assessments, and audits. Make a real impact on our organization's security and customer trust and come join us at Tenable!

Your Opportunity:

  • Serve as a company representative with prospects, customers, and partners for security questionnaires, assessments, and audits

  • Collaborate with Sales, Engineering, Information Security, IT, and Product Development teams to communicate compliance obligations and requirements

  • Complete Third-Party Risk Assessments (TPRM Program) for new and potential vendors/educate stakeholders on their responsibilities

  • Coordinate and participate in internal and external audit walkthroughs (ISO27k, SOC2, FedRAMP, Customer Audits, IRAP)

  • Help guide and perform remediation of issues identified during third-party assurance or internal reviews

  • Support special projects as needed, which may include:Assisting in the development and execution of the internal compliance program, involving preparation for audits, certifications, and risk assessments.

  • Assisting in the development, administration, and continuous monitoring of internal security controls.

What You'll Need :

  • US Citizenship

  • 2+ years of experience in information security and vendor risk assessments based on industry standards.

  • 2+ years of experience in responding to security assessments, SAQs, compliance requirements, etc

  • 2+ years of experience with implementation, monitoring, and reporting of control processes, documentation, and remediation items

  • Experience working with the Federal Risk and Authorization Management Program (FedRAMP)

  • At least one relevant relevant security certifications (SSCP, Sec+, CISA, etc)

  • BS, BA in Information Technology, Computer Science, Information Security, or other related field

  • Be self-driven with the ability to work independently and comprehend all requirements

  • Strong communication skills and ability to collaborate effectively with all levels

  • Ability to adopt and utilize technology, with advanced proficiency in Excel, PowerPoint, and Vizio/Lucid.

And Ideally:

  • Knowledge of governance, risk and compliance frameworks (GRC)

  • Experience performing or undergoing internal and external audits

  • Analytical mindset with a rational, pragmatic, and realistic approach to security, risk, and compliance

  • Experience in a Big 4 or similar security consulting or risk assurance role

  • Experience as a FedRAMP assessor (3PAO) or advisor.

  • Experience with conducting audits, privacy, BC & DR Program Management



This is the base pay range for this position. Compensation for the role will depend on a number of factors, including the candidate's qualifications, skills, competencies, location and experience, and may fall outside of the range shown. Employees are also eligible for variable compensation in addition to base pay (commission for sales roles, bonus for non-sales roles), depending on company and individual performance. Tenable also offers a variety of comprehensive and competitive benefits which include: medical, dental, vision, disability and life insurance; 401(k) retirement savings with company match; an employee stock purchase plan; an employee referral program; flexible spending accounts; an Employee Assistance Program (EAP); education assistance; parental leave; paid time off (PTO); company-paid holidays; health and wellness events; and community programs.

US Pay Ranges
$79,000$105,000 USD

If you’ve reached this point, and you’re still not sure if you should apply…..Just do it! We’re human and we don’t fit a perfect mold. Having diverse backgrounds, experiences and perspectives, that’s a good thing! If you’re coming from outside of the cyber industry - great! If you’re looking to try something new - awesome! All we ask is you bring passion to all that you do, crave creativity and innovation, and embrace the hard work of gaining new skills and accepting big challenges.

We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels. If you need a reasonable accommodation due to a disability during the application or recruiting process, please contact [email protected] for further assistance.

Tenable Data Consent Statement

Tenable is committed to protecting the privacy and security of your personal data. This Notice describes how we collect and use your personal data during and after your working relationship with us, in accordance with the General Data Protection Regulation (“GDPR”). Please click here to review.

For California Residents: The California Consumer Privacy Act (CCPA) requires that Tenable advise you of certain rights related to the collection of your private information. Please click here to review.