Oct 21
Public Trust
$108,000 - $130,000
Unspecified
IT - Security
Bethesda, MD (On-Site/Office)
Job Description
ECS is seeking a Metrics & Reporting Analyst - CSAM to work in our Bethesda, MD office.
Position Summary:
ECS Federal seeks a Metrics & Reporting Analyst to build enterprise dashboards and reporting pipelines that translate Cybersecurity Assessment and Management (CSAM) data into actionable insights for quarterly FISMA submissions, internal ISCM metrics, and executive decision-making. The role partners with A&A, ICOs, and engineering teams to ensure metric definitions align with policy, evidence is traceable, and outputs meet OMB, IG, and internal reporting requirements. The analyst will also detect data quality issues and shadow IT by cross-referencing system scans, CMDB entries, and CSAM records.
Position Responsibilities:
Salary Range: $108,000 - $130,000
Required Skills
#ECS1
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
ECS is seeking a Metrics & Reporting Analyst - CSAM to work in our Bethesda, MD office.
Position Summary:
ECS Federal seeks a Metrics & Reporting Analyst to build enterprise dashboards and reporting pipelines that translate Cybersecurity Assessment and Management (CSAM) data into actionable insights for quarterly FISMA submissions, internal ISCM metrics, and executive decision-making. The role partners with A&A, ICOs, and engineering teams to ensure metric definitions align with policy, evidence is traceable, and outputs meet OMB, IG, and internal reporting requirements. The analyst will also detect data quality issues and shadow IT by cross-referencing system scans, CMDB entries, and CSAM records.
Position Responsibilities:
- Develop dashboards and reporting pipelines for quarterly FISMA submissions and internal ISCM metrics.
- Integrate contingency planning metrics and effectiveness results into CSAM dashboards and datasets.
- Design scorecards for system and ICO performance (e.g., patch timelines, POA&M closure rates, control coverage).
- Translate CSAM data into formats required for OMB, IG, and internal reporting; maintain data dictionaries and definitions.
- Coordinate with A&A and other teams to ensure metric outputs meet policy and audit requirements.
- Identify shadow IT or mismatches between system scans, CMDB entries, and CSAM records; drive remediation tracking.
- Produce dashboards and reports showing data completeness and accuracy; implement validation and reconciliation routines.
- Continuously improve metric definitions and reporting pipelines based on feedback, audit findings, and policy changes.
Salary Range: $108,000 - $130,000
Required Skills
- Strong communication skills; able to define metrics with stakeholders and brief executives with clear data stories.
- 5+ years of related experience delivering analytics/reporting solutions for cybersecurity, compliance, or IT operations.
- Hands-on experience designing dashboards and automated reports for FISMA/ISCM audiences.
- Ability to translate complex CSAM/GRC data into standardized outputs for OMB, IG, or internal oversight bodies.
- Experience coordinating with A&A teams and ICOs to validate requirements and acceptance criteria for reports.
- Proficiency with data modeling, SQL/queries, and building extract/transform pipelines that enforce data quality.
- Familiarity with NIST RMF and SP 800-53 concepts as they pertain to metrics, POA&M tracking, control coverage, and OA.
- Demonstrated practice implementing data validation rules, reconciliation checks, and data completeness tracking.
- Education: Bachelor's degree in Computer Science, MIS/IT, Engineering, Business/Econ, Information Security/IA, or a related field (minimum).
- Public Trust Tier 2S (moderate-risk) eligibility and ability to obtain/maintain HSPD‑12 credentials, per client requirements.
- Experience with Microsoft Power Platform tools, including Power BI for dashboarding, Power Apps for process support, and Power Automate for workflow automation.
- Background designing scorecards for system and ICO performance (e.g., patch timelines, POA&M closure rates, control coverage).
- Exposure to detecting 'shadow IT' via correlation of scans, CMDB, and GRC datasets.
- Experience producing dashboards and reports that highlight data completeness and accuracy with drill-down diagnostics.
- Software development and API integration experience; able to automate data processes and build workflow automation solutions.
- Experience in data architecture, design, and integration engineering for analytics and compliance reporting systems.
- Preferred (not required): CAP, CISSP, Security+, PMP, or analytics certifications relevant to dashboarding/reporting.
#ECS1
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
group id: 10112231A
