Security & Compliance Analyst

Requirements

• Desired but not required certifications include Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or AWS Certified Security - Specialty.
• Working Conditions:
• Normal office conditions.
• Working at SOSi: All interested individuals will receive consideration and will not be discriminated against for any reason.

Additional Information

**This position is contingent upon contract award** SOSi is seeking a Security & Compliance Analyst to support mission requirements for a structured approach to further develop, integrate, and sustain a scalable, federated data ecosystem that enhances interoperability, governance, and mission-driven analytics for a DoD customer. The primary objective of the program is to bridge the operational gaps between DoD, IC, interagency, and non-traditional international partners to enable real-time information sharing, dynamic data integration, and mission-tailored analytical capabilities. Essential Job Duties: Monitor and validate Kubernetes and data lake deployments for compliance with RMF, NIST 800-53, and DoD IL4/IL5 requirements, in collaboration with agency cybersecurity teams. Maintain continuous monitoring dashboards and conduct vulnerability scans of deployed infrastructure and workloads, supporting the agency's ATO process and risk posture. Prepare and update system security documentation-including SSPs, SARs, POA&Ms-to reflect changes to architecture, controls, or risk conditions under other work orders. Enforce encryption, logging, and identity access policies (IAM, RBAC, audit logging) to maintain traceability and accountability across the Kubernetes-based data layer. Submit the Security & Compliance Assessment Report, providing a summary of control effectiveness, findings, and recommended remediation actions. Minimum Requirements: Active TS-SCI Clearance. Bachelor's degree in Cybersecurity, Information Assurance, Computer Science, or a related field, or five (5) years of equivalent experience in security and compliance roles. Knowledge and capability to implement, monitor, and enforce security policies, frameworks, and compliance controls across cloud-based and on-premises environments. Proficient in NIST 800-53, FedRAMP, DoD IL-4/5 security policies, and risk assessment methodologies. Strong understanding of identity and access management (IAM), security monitoring tools (Splunk, SIEM solutions), zero-trust architecture, and vulnerability assessment frameworks is required. Demonstrated experience in conducting security audits, assessing system compliance with DoD cybersecurity policies, and implementing security controls in cloud and hybrid environments. Experience with security automation, endpoint protection, and incident response processes is required.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Sosi1? Share your experience