Job Description

ECS is seeking a

Metrics and Reporting Analyst to work in our

Bethesda, MD office.


ECS Federal seeks a Metrics & Reporting Analyst to build enterprise dashboards and reporting pipelines that translate Cybersecurity Assessment and Management (CSAM) data into actionable insights for quarterly FISMA submissions, internal ISCM metrics, and executive decision-making. The role partners with A&A, ICOs, and engineering teams to ensure metric definitions align with policy, evidence is traceable, and outputs meet OMB, IG, and internal reporting requirements. The analyst will also detect data quality issues and shadow IT by cross-referencing system scans, CMDB entries, and CSAM records.

Position Responsibilities:

------------------------------


Develop dashboards and reporting pipelines for quarterly FISMA submissions and internal ISCM metrics. Integrate contingency planning metrics and effectiveness results into CSAM dashboards and datasets. Design scorecards for system and ICO performance (e.g., patch timelines, POA&M closure rates, control coverage). Translate CSAM data into formats required for OMB, IG, and internal reporting; maintain data dictionaries and definitions. Coordinate with A&A and other teams to ensure metric outputs meet policy and audit requirements. Identify shadow IT or mismatches between system scans, CMDB entries, and CSAM records; drive remediation tracking. Produce dashboards and reports showing data completeness and accuracy; implement validation and reconciliation routines. Continuously improve metric definitions and reporting pipelines based on feedback, audit findings, and policy changes.

Salary Range: $110,000 - $125,000


General Description of Benefits


Requirements:
Strong communication skills; able to define metrics with stakeholders and brief executives with clear data stories. 5+ years of related experience delivering analytics/reporting solutions for cybersecurity, compliance, or IT operations. Hands-on experience designing dashboards and automated reports for FISMA/ISCM audiences. Ability to translate complex CSAM/GRC data into standardized outputs for OMB, IG, or internal oversight bodies. Experience coordinating with A&A teams and ICOs to validate requirements and acceptance criteria for reports. Proficiency with data modeling, SQL/queries, and building extract/transform pipelines that enforce data quality. Familiarity with NIST RMF and SP 800-53 concepts as they pertain to metrics, POA&M tracking, control coverage, and OA. Demonstrated practice implementing data validation rules, reconciliation checks, and data completeness tracking.

Certifications/Licenses:

----------------------------

Education: Bachelor's degree in Computer Science, MIS/IT, Engineering, Business/Econ, Information Security/IA, or a related field (minimum).*

Public Trust Tier 2S (moderate-risk) eligibility and ability to obtain/maintain HSPD?12 credentials, per client requirements.*




Req Benefits:
https://ecstech.com/careers/benefits/">https://ecstech.com/careers/benefits/