Security Compliance Analyst

About Us
Venatore is a woman-owned small business headquartered in Tampa, Florida, providing mission-driven technology and professional services to federal defense and civilian agencies. We deliver expertise in information technology, engineering, logistics, and program support to help our clients achieve operational excellence and mission success.

About the Job
The Security & Compliance Administrator supports U.S. Southern Command by implementing, maintaining, and enforcing cybersecurity and compliance frameworks across cloud and on-premises environments. This role is responsible for ensuring systems meet federal and Department of Defense (DoD) security requirements, supporting the Authority to Operate (ATO) lifecycle, and coordinating with cybersecurity teams to manage risk, vulnerabilities, and incident response. This position is performed remotely and requires U.S. citizenship, the ability to access U.S. military installations, and an active Secret or higher security clearance.

Responsibilities
Security Policy Enforcement & Compliance

• Monitor and enforce security policies related to data storage, access, and usage across enterprise environments.
• Ensure compliance with FedRAMP, Risk Management Framework (RMF), and DoD cybersecurity mandates.
• Support compliance with NIST 800-53 Rev. 5 and DoD Impact Level (IL) 4/IL5 requirements.

ATO & Risk Management Support

• Support the Authority to Operate (ATO) process, including development and maintenance of System Security Plans (SSPs).
• Assist with security control assessments, documentation, and remediation activities.
• Perform and support continuous monitoring activities, including vulnerability identification and tracking.

Incident Response & Security Operations

• Coordinate with cybersecurity teams to track, analyze, and respond to security incidents.
• Recommend and support implementation of mitigation strategies to address identified risks.
• Conduct security risk assessments and support identity and access management (IAM), vulnerability management, and incident response processes.

Tools & Automation

• Utilize and manage security tools such as SIEMs, vulnerability scanners, and identity management solutions.
• Support security automation, zero trust architecture initiatives, and compliance reporting efforts.
• Leverage tools including Splunk, Microsoft Defender, AWS Security Hub, Azure Security Center, and Tenable Nessus.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Assurance, Information Security, or a related field, or five (5) years of equivalent experience in security and compliance management.
• Demonstrated experience conducting security audits, enforcing security policies, and ensuring compliance with DoD and Intelligence Community (IC) security frameworks.
• Demonstrated experience with security risk assessments, identity and access management (IAM), continuous vulnerability monitoring, vulnerability management, and incident response.
• Strong knowledge of zero trust architecture, security automation, and compliance reporting.
• Experience managing and prioritizing complex project tasks.
• Ability to travel approximately 5–15%, as required.
• U.S. citizenship and ability to successfully pass a background check for access to U.S. military bases.
• Active Secret or higher security clearance.

Preferred Qualifications

• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or AWS Certified Security – Specialty.
• Experience supporting government IT programs and operating in regulated federal environments.
• Portuguese or Spanish language proficiency.
• Active TS/SCI clearance.