RISCPoint is seeking a Security Operations Analyst responsible for supporting and maintaining the ongoing security and compliance posture of FedRAMP-authorized information systems through the execution of continuous monitoring, vulnerability management, and security operations activities. This role includes proactively identifying, analyzing, and responding to security events and incidents, performing regular vulnerability assessments and remediation tracking, and ensuring system configurations, controls, and documentation remain aligned with FedRAMP, NIST, and organizational security requirements. The Security Operations Analyst collaborates with engineering, compliance, and operational teams to validate control effectiveness, support audit and assessment activities, and maintain accurate system security documentation, including SSP updates, POA&M management, and risk reporting. This position plays a critical role in safeguarding federal data, ensuring regulatory compliance, and strengthening the overall resilience and security maturity of authorized cloud environments.
Security Operations:
· Utilize and maintain automated security tooling for monitoring and response within customer environments
· On-call rotation to provide rapid response to potential security incidents
· Incident response notification and communications
· Conduct routine vulnerability assessments and provide remediation guidance
Continuous Monitoring:
· Perform weekly vulnerability scans using approved scanning tools
· Analyze vulnerability scan results and coordinate remediation efforts
· Monitor security alerts from SIEM, IDS/IPS, and other security tools
· Track security metrics and maintain compliance dashboards
· Maintain FedRAMP Continuous Monitoring compliance including Cloud Security Posture Management
Compliance & Reporting:
· Conduct quarterly threat hunting exercises
· Assist with monthly ConMon reporting deliverables
· Maintain Plan of Action & Milestones (POA&M) documentation
· Support 3PAO assessments and audits
Security Tools Management:
· Configure and maintain security monitoring platforms
· Tune security tools to reduce false positives
· Develop custom detection rules and alerts
· Create security dashboards and reports
Experience:
· 2-4 years in security operations, incident response, or SOC analyst role
· 1-2 years working in AWS, particularly AWS GovCloud
· Experience with vulnerability management and remediation
· Hands-on experience with SIEM platforms and security monitoring tools
· Experience analyzing security logs and investigating incidents
Certifications:
· Security+ or equivalent DoD 8570 IAT Level II certification
· One of: ISC2 CISSP/CCSP, GIAC GCIH (Preferred)
· One of: AWS Security Specialist, AWS Certified Solutions Architect – Associate (Preferred)
Technical Skills:
· Security Tools: Tenable Nessus, Qualys, Rapid7, other vulnerability scanners
· SIEM Platforms: Google SecOps, Splunk ES, Azure Sentinel, etc.
· IDS/IPS: Suricata, Zeek, Snort
· Cloud Security: AWS GuardDuty, AWS Security Hub, CloudTrail, VPC Flow Logs, AWS IAM
· Endpoint Security: CrowdStrike, Carbon Black, Microsoft Defender
· Incident Response: Experience with IR frameworks (NIST 800-61)
· Compliance: NIST 800-53 Rev. 5 controls, FedRAMP
· Scripting, Automation, IaC: Python, Ansible, AWS CLI, Terraform
Benefits:
· Base Salary + Bonus
· Company Paid Health Insurance
· Company Paid Dental Insurance
· Company Paid Vision Insurance
· 401k with 3% Company Contribution (Traditional & Roth Options)
· Generous Vacation Policy