Security Compliance Analyst

Join a team supporting U.S. Southern Command's Enhanced Domain Awareness (EDA) initiative, helping secure and sustain cloud-based intelligence, analytics, and data-sharing capabilities. This role focuses on ensuring systems and platforms remain compliant with Federal and DoD cybersecurity requirements while supporting mission-critical operations.

Note: This position is contingent upon contract award, expected in the next 30-60 days. 

• →Assess, implement, and monitor security controls across cloud and hybrid environments.
• →Support compliance initiatives aligned with FedRAMP, NIST 800-53 Rev. 5, DoD RMF, and Zero Trust principles.
• →Conduct security assessments and identify compliance gaps and remediation actions.
• →Develop and maintain compliance documentation, including SSPs and POA&Ms.
• →Support vulnerability management, risk assessments, and continuous monitoring activities.
• →Assist with ATO activities, audits, inspections, and compliance reviews.
• →Collaborate with engineers, administrators, and cybersecurity teams to ensure secure and compliant operations.
• →Develop compliance reports, risk summaries, and recommendations for leadership and stakeholders.

• Bachelor's degree in Cybersecurity, Information Assurance, or a related field, or five (5) years of equivalent professional experience.
• Experience conducting security assessments and supporting cybersecurity compliance programs.
• Experience with FedRAMP, NIST 800-53 Rev. 5, DoD RMF, and cloud security requirements.
• Experience developing and maintaining SSPs, POA&Ms, and other compliance documentation.
• Experience supporting vulnerability remediation, risk management, and continuous monitoring activities.
• Experience with Microsoft Purview, AWS Security Hub, Nessus, Splunk Enterprise Security, or similar security and compliance tools.

• Experience supporting DoD, Intelligence Community, or Federal programs.
• Experience with AWS and Azure cloud environments.
• Familiarity with ATO processes and Zero Trust architectures.
• Certifications such as CISSP, CISA, Security+, or other cybersecurity credentials.

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.