Cloud Senior Security Risk Analyst

Job Posting: Cloud Senior Security Risk Analyst

Location: Remote

Key Responsibilities:
Conduct cloud security risk assessments and compliance evaluations in AWS
environments.
Analyze and improve Identity and Access Management (IAM) configurations across
enterprise cloud systems.
Monitor cloud infrastructure using Splunk, AWS Security Hub, and other SIEM/SOAR
tools.
Translate complex technical findings into business risk for executive audiences.
Collaborate with security architects, engineers, and compliance teams to
remediate vulnerabilities and implement controls.
Support ATO documentation and audit readiness for systems under FedRAMP and
CMS security guidelines.
Participate in Agile sprints to evaluate cloud configurations and support secure
DevSecOps practices.
Lead and document system-level risk analysis and decisions.
Required Qualifications
5+ years in information security, including 2+ years in cloud risk analysis or
compliance.
Experience with AWS services and IAM policies (MFA, RBAC, least privilege).
Strong working knowledge of NIST 800-53 and FedRAMP frameworks.
Proficiency in Splunk for log analysis, threat hunting, and dashboarding.
Familiarity with AWS-native security tools (e.g., GuardDuty, Config, Access
Analyzer).
Hands-on experience working within an Agile development or DevSecOps
environment.
Excellent communication skills and ability to advise cross-functional teams.
Nice to Have
Prior experience supporting CMS, CBIC, or other federal healthcare IT programs.
Understanding of HIPAA and HHS cybersecurity policies.
Relevant certifications: CISSP, CCSP, CRISC, or AWS Security Specialty.
Familiarity with control implementation documentation (SSPs, SARs, POA&Ms).
Experience in conducting independent audits of cloud systems and providing risk
based recommendations.