We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Spectraforce Technologies jobs

Cloud Senior Security Risk Analyst

Spectraforce Technologies
United States, South Carolina, Columbia
Jul 08, 2025
Job Title: Cloud Senior Security Risk Analyst

Location: Columbia, SC (Onsite is Highly Preferred, but open to Remote)

Duration: 6 Months

Job Summary:

Duties:

  • Plan and perform compliance and risk assessment activities for information systems and related processes. Communicate and escalate compliance and risk issues to the appropriate department and/or level of management. Act as a change agent to influence the I/S and corporate compliance culture.
  • 20% Independently monitor remediation of new and outstanding issues, including Information Security Risk Exception process, to ensure identification of areas of non-compliance. Utilize tools to track and report on compliance posture. 20% Independently conduct formal risk analysis and self-assessments to determine effectiveness of controls and ensure creation of action plans to remediate identified risks.
  • 20% Facilitate development, implementation and documentation of Information Security policies, procedures, processes and programs to guide organization toward continuous compliance. Independently analyze and interpret security regulations and controls to advise on security compliance at a broad perspective across multiple business areas. Consult on organizational impacts of compliance and risk management decisions.
  • 20% Serve as an interface with external entities for governance and compliance reviews regarding information security risk across multiple business areas and controls.
  • 10% Independently investigate, document and resolve Information Security Incidents. Advise senior management of critical issues that may affect organization.
  • 10% Research emerging security topics, threats and capabilities to create/update policy and governance. Promote organizational security awareness by developing security training, Security Council bulletins, security policies, standards and best practices.


Day to Day:

  • A typical day for a Cloud Senior Security Risk Analyst involves hands-on work with key technologies to ensure the security and compliance of CMS's cloud infrastructure.
  • The analyst actively uses Microsoft Azure to review and administer security configurations, manage Azure Active Directory roles, and apply policies through Azure Policy and Security Center.
  • They regularly monitor and analyze security events using SIEM tools like Splunk or Microsoft Sentinel, investigating anomalies and escalating potential threats.
  • The role also requires applying NIST 800-53 and FedRAMP controls by reviewing cloud architecture and ensuring that all systems meet federal compliance standards.
  • Additionally, the analyst manages Identity and Access Management (IAM) by updating and auditing access permissions, ensuring least-privilege principles are enforced.
  • Their day often includes collaborating with engineering teams to integrate security into cloud deployments, supporting audits, and documenting risk mitigation strategies.
  • They also perform independent, objective cloud information systems audits and evaluations, providing actionable recommendations to strengthen security posture and ensure regulatory compliance.


?Work Environment:

Fast paced, multi-platformed environment which may require action and response 24X7 to support the technical business needs of the customer.

Job Requirements:

Minimum Required Skills and Abilities:

  • Good understanding of Systems Development Life Cycle methodologies. Subject Matter Expert in government or private risk frameworks and control implementations.
  • Good understanding of risk management, information system security and compliance standards.
  • Excellent analytical and decision-making skills.
  • Proven ability to interpret and apply knowledge of regulatory/accreditation requirements.
  • Ability to independently solve problems often spanning multiple environments and business areas.
  • Ability to effect change and bring security, risk and compliance knowledge to the organization through the use of positive influence.
  • Understanding of infrastructure and networking architecture WANs, LANs, Internet, intranets and communication protocols. Strong communication skills in presenting results both verbally and in writing.
  • Possess excellent collaboration skills with a wide variety of internal matrix and management staff.



Required Software and Other Tools:

Standard office equipment.

Required Education:

Bachelor's Degree in Computer Science, Information Technology or related degree.

Required Degree Equivalency:

4 years of job related work experience or 2 years of job related experience plus an associate's degree in Computer Science, Information Technology or other job related degree

Required Work Experience:

6 years of I/T experience including 4 years of IT security, risk assessment and/or compliance experience.

Successful completion of I/S Entry Level Training Program (ELTP) may be substituted for 2 years of I/T experience.

Required Technologies:

  • Agile Experience
  • Identity and Access Management (IAM)
  • Proficiency with Splunk
  • Experience with Cloud security Tools associated with AWS and/or Microsoft Azure.
  • Security & Compliance Frameworks (NIST 800-53, FedRAMP)


Nice To Have:

  • FedRAMP/NIST 800-53 Compliance Frameworks
  • Familiarity with federal compliance standards, particularly FedRAMP and NIST 800-53, is crucial for aligning cloud security controls with CMS requirements.

Applied = 0
MORE JOBS LIKE THIS

(web-8588dfb-6fpzf)