Information Security Analyst Advisor (Azure Security Senior Engineer) - HYBRID - Secret Clearance

Information Security Analyst Duties and Responsibilities:

• Design, implement, and maintain secure cloud architectures within Azure Government Secret classified environments
• Enforce zero trust principles, role-based access control (RBAC), and identity federation (e.g.,Azure AD B2B/B2C with CAC/PIV)
• Configure and manage security controls such as Microsoft Defender for Cloud, Key Vault, Azure Policy, NSGs, and Private Endpoints
• Automate compliance and security operations using PowerShell, Terraform, or ARM templates
• Integrate SIEM/SOAR tools (e.g., Microsoft Sentinel for IL6) for continuous monitoring, logging, and incident response
• Conduct vulnerability assessments and implement remediations aligned to NIST 800-53, DoD STIGs, and JSIG
• Collaborate with mission owners, compliance teams, and developers to ensure secure DevSecOps pipelines
• Support Authority to Operate (ATO) processes by generating security documentation, control evidence, and supporting audits
• Navigate federal systems through the authorization process to achieve and maintain Authority to Operate (ATO)
• Work with the ISSO, Program and DOC ITD IA teams to maintain the necessary security authorizations
• Develop comprehensive System Security Plans (SSPs) documenting all implemented NIST 800-53 controls
• Coordinate security assessments with third-party assessors
• Manage Plans of Actions & Milestones (POA&Ms) for addressing identified vulnerabilities
• Ensure continuous monitoring plans meet agency requirements
• Prepare authorization packages for government review
• Maintain ongoing compliance through change management processes
• Serve as the liaison between technical teams and authorizing officials
• Translate security requirements into actionable tasks
• Ensure all documentation meets the rigorous standards required for federal information systems

Information Security Analyst Requirements and Qualifications:

• Bachelor's degree in information systems security; master's degree or equivalent professional experience in information security is preferred
• Active Secret clearance
• 5+ years in cloud security, including 2+ in Azure Government or DoD environments
• Strong knowledge of Azure-native security tools, IL6 data handling, and cloud networking
• Proficient in scripting (PowerShell, Python, or Bash) and Infrastructure as Code (ARM, Bicep, Terraform)
• Experiences with DoD SRG, FedRAMP High, JSIG, and ICD 503 compliance frameworks
• Hands-on experience with classified enclaves, hardened images, and enclave-to-enclave connectivity
• Comprehensive knowledge of corporate Systems/Solutions Architecture processes and trends
• Strong leadership, organizational, and communication skills
• Secret Clearance to start
• Knowledge of Agile software development process

Required Technical Skills:

• SCAP, STIG, Patching, eMASS, and related RMF tools
• Cybersecurity, Systems Administration, implementation of RMF tools and processes
• Experience with gaining an ATO for systems and working the systems through the assessment and authorization process
• Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic email and access-list
• Excellent communication skills
• Experience working in Agile software development teams
• Experience with secure development, coding and engineering practices
• Experience with Cybersecurity, Information Security, and Information Technology Security processes, protocols, and procedures.

Experience

• 10 years of relevant experience
• * may vary based on technical training, certification(s), or degree
• Experience with Cloud Security
• Experience working with leading firewall, network scanning and authentication technologies
• Experience working with internet, web, application and network security techniques
• Experience in Agile methodology
• Experience in Jira to support development team in agile environment
• Experience working in Federal or State government environments
• Ability to work independently and remotely

Certification: Active DoD 8570 IAT Level II Certification (Security+, CISSP, CISM)

Travel Required: Little to no travel anticipated (may be required upon customer request)

Location: On-site 3 days a week at minimum.