CareerZen Logo
Company logo

Cyber Intrusion Analyst

Leidos

Contract

Ford Island, HI

Job description

Cloud Senior Security Risk Analyst
W2 Only, no C2C

Required Work Experience:
  • 6-8 years of I/T experience including 4-6 years of IT security, risk assessment and/or compliance experience.
Required Technologies:
  • Agile Experience
  • Identity and Access Management (IAM)
  • Proficiency with Splunk
  • Experience with Cloud security Tools associated with AWS and/or Microsoft Azure.
    Security & Compliance Frameworks (NIST 800-53, FedRAMP)
Required Education:
  • Bachelor's Degree in Computer Science, Information Technology or related degree.
    Degree Equivalency: 4 years of job related work experience or 2 years of job related experience plus an associate’s degree in Computer Science, Information Technology or other job related degree
Nice To Have:
  • FedRAMP/NIST 800-53 Compliance Frameworks • Familiarity with federal compliance standards, particularly FedRAMP and NIST 800-53, is crucial for aligning cloud security controls with CMS requirements.
Day to Day:
  • A typical day for a Cloud Senior Security Risk Analyst (IT545) involves hands-on work with key technologies to ensure the security and compliance of CMS’s cloud infrastructure.
  • The analyst actively uses Microsoft Azure to review and administer security configurations, manage Azure Active Directory roles, and apply policies through Azure Policy and Security Center.
  • They regularly monitor and analyze security events using SIEM tools like Splunk or Microsoft Sentinel, investigating anomalies and escalating potential threats.
  • The role also requires applying NIST 800-53 and FedRAMP controls by reviewing cloud architecture and ensuring that all systems meet federal compliance standards.
  • Additionally, the analyst manages Identity and Access Management (IAM) by updating and auditing access permissions, ensuring least-privilege principles are enforced. Their day often includes collaborating with engineering teams to integrate security into cloud deployments, supporting audits, and documenting risk mitigation strategies.
    • They also perform independent, objective cloud information systems audits and evaluations, providing actionable recommendations to strengthen security posture and ensure regulatory compliance.

#INDREM
Apply