OneMain Financial Jobs

This is a remote based position. Applicants can be located nationwideBack Program Analyst #2631 United States Apply X Facebook LinkedIn Email Copy Position Description About You You are a person who is passionate about advancing security and compliance objectives by coordinating activities that maintain system authorizations, governance documentation, and ongoing risk management efforts. We need someone who is experienced in managing key processes supporting Authorizations to Operate (ATOs), audit readiness, and control effectiveness reporting across systems operating under federal, healthcare, or commercial frameworks. In the role of Program Analyst, you will be responsible for security authorizations, and familiarity with working alongside federal agencies or Third-Party Assessment Organizations (3PAOs). Tell us about your experience with Program Analysis. Are you a team player and a self-motivator? We are counting on you to manage multiple projects using your problem-solving skills. We are looking for someone UNCOMMON. What is uncommon about you? Are you highly committed? Are you team-oriented? Do you value professionalism, trust, honesty, and integrity? If so, we cannot wait to meet you. About The Position Plan, manage, and track system Authorization to Operate (ATO) packages, including documentation, control validation, and renewal cycles. Lead the planning and continuous improvement of the organization's role based and event driven security awareness programs. Coordinate and execute monthly phishing simulations and targeted campaigns to strengthen organizational security hygiene. Create, maintain and optimize ICS SharePoint sites, ensuring accurate information architecture, version control, accessibility. Coordinate security assessments and audits through engagement with internal and external stakeholders, including 3PAOs and federal partners. Maintain and update the organization's security policies, procedures, and system security documentation to stay aligned with current regulations and frameworks. Monitor, assess, and report on control effectiveness; develop dashboards and metrics to communicate overall compliance posture. Oversee submission and maintenance of continuous monitoring evidence for assigned systems. Support assessments against NIST-based requirements (e.g., NIST 800-53, NIST CSF) and related programs such as FedRAMP, FISMA, or HIPAA. Translate technical and policy requirements into actionable plans, ensuring timely remediation and risk reduction. Contribute to the improvement of compliance workflows, leveraging GRC tools to automate and track activities. Serve as a liaison with IT, security operations, privacy, and business units to ensure cohesive governance and communication of audit results and policy updates. Minimum Requirements: Eligibility for a NACLC DoD Security Clearance. Bachelor's degree in Information Systems, Cybersecurity, Computer Science, or relevant field (or equivalent professional experience). 3--5 years of experience supporting cybersecurity, compliance, or audit programs within a federal agency, contractor, or 3PAO environment. Demonstrated project management ability, including scheduling, documentation control, and milestone tracking. Working knowledge of NIST frameworks and the ATO lifecycle. Familiarity with Governance, Risk, and Compliance (GRC) tools such as Onspring, Archer, or ServiceNow. Strong analytical and written communication skills, with the ability to distill complex compliance information for a broad audience. Preferred Requirements: Experience managing system security plans (SSPs), risk assessment reports (RARs), and plans of action and milestones (POA&Ms). Exposure to FedRAMP, FISMA, or DoD RMF assessment requirements. CAP, PMP, or comparable certification in security or project manage