Security & Compliance Administrator - Mid
About The Position
This position is for a Security & Compliance Administrator at Nalley Consulting, working with prime partners to staff Department of Defense and Intelligence Community positions. The role is located at SOUTHCOM HQ in Doral, FL, and is an on-site position within the U.S. Southern Command J2 office. The administrator will be responsible for monitoring and validating Kubernetes and data lake deployments for compliance with RMF, NIST 800-53, and DoD IL4/IL5 requirements. This includes maintaining continuous monitoring dashboards, conducting vulnerability scans, supporting the agency’s ATO process, preparing system security documentation, enforcing encryption and access policies, and submitting Security & Compliance Assessment Reports.
Requirements
- Possess the knowledge and capability to implement, monitor, and enforce security policies, frameworks, and compliance controls across cloud-based and on-premises environments.
- Proficient in NIST 800-53, FedRAMP, DoD IL-4/5 security policies, and risk assessment methodologies.
- Strong understanding of identity and access management (IAM), security monitoring tools (Splunk, SIEM solutions), zero-trust architecture, and vulnerability assessment frameworks is required.
- Demonstrated experience in conducting security audits, assessing system compliance with DoD cybersecurity policies, and implementing security controls in cloud and hybrid environments.
- Experience with security automation, endpoint protection, and incident response processes is required.
- Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, or a related field, or five (5) years of equivalent experience in security and compliance roles.
- Required clearance: TS/SCI
Nice To Haves
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or AWS Certified Security – Specialty.
Responsibilities
- Monitor and validate Kubernetes and data lake deployments for compliance with RMF, NIST 800-53, and DoD IL4/IL5 requirements, in collaboration with agency cybersecurity teams.
- Maintain continuous monitoring dashboards and conduct vulnerability scans of deployed infrastructure and workloads, supporting the agency’s ATO process and risk posture.
- Prepare and update system security documentation—including SSPs, SARs, and POA&Ms—to reflect changes to architecture, controls, or risk conditions under WO-003.
- Enforce encryption, logging, and identity access policies (IAM, RBAC, audit logging) to maintain traceability and accountability across the Kubernetes-based data layer.
- Submit the Security & Compliance Assessment Report, providing a summary of control effectiveness, findings, and recommended remediation actions.
Benefits
- Excellent medical, dental, and vision benefits
- PTO
- 11 paid federal holidays
- Tuition assistance
- Paid military-reserve leave
- Paid parental leave for birth or adoption
- 401k matching up to 5 percent of the base salary
- Flex time
- Company-paid short-term disability, long-term disability, and life insurance.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
