Security & Compliance Analyst

  • Full-time
  • FLSA Status: Exempt
  • Clearance Requirement: Top Secret/SCI

Company Description

Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.

Job Description

**This position is contingent upon contract award**

SOSi is seeking a Security & Compliance Analyst to support mission requirements for a structured approach to further develop, integrate, and sustain a scalable, federated data ecosystem that enhances interoperability, governance, and mission-driven analytics for a DoD customer. The primary objective of the program is to bridge the operational gaps between DoD, IC, interagency, and non-traditional international partners to enable real-time information sharing, dynamic data integration, and mission-tailored analytical capabilities.

Essential Job Duties:

  • Monitor and validate Kubernetes and data lake deployments for compliance with RMF, NIST 800-53, and DoD IL4/IL5 requirements, in collaboration with agency cybersecurity teams.
  • Maintain continuous monitoring dashboards and conduct vulnerability scans of deployed infrastructure and workloads, supporting the agency’s ATO process and risk posture.
  • Prepare and update system security documentation—including SSPs, SARs, POA&Ms—to reflect changes to architecture, controls, or risk conditions under other work orders.
  • Enforce encryption, logging, and identity access policies (IAM, RBAC, audit logging) to maintain traceability and accountability across the Kubernetes-based data layer.
  • Submit the Security & Compliance Assessment Report, providing a summary of control effectiveness, findings, and recommended remediation actions.

Qualifications

Minimum Requirements:

  • Active TS-SCI Clearance.
  • Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, or a related field, or five (5) years of equivalent experience in security and compliance roles.
  • Knowledge and capability to implement, monitor, and enforce security policies, frameworks, and compliance controls across cloud-based and on-premises environments.
  • Proficient in NIST 800-53, FedRAMP, DoD IL-4/5 security policies, and risk assessment methodologies.
  • Strong understanding of identity and access management (IAM), security monitoring tools (Splunk, SIEM solutions), zero-trust architecture, and vulnerability assessment frameworks is required.
  • Demonstrated experience in conducting security audits, assessing system compliance with DoD cybersecurity policies, and implementing security controls in cloud and hybrid environments.
  • Experience with security automation, endpoint protection, and incident response processes is required.

Preferred Qualifications:

  •  Desired but not required certifications include Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or AWS Certified Security – Specialty.

Additional Information

Working Conditions:

  • Normal office conditions.

Working at SOSi: All interested individuals will receive consideration and will not be discriminated against for any reason.

I'm interested
Privacy Notice