
Security Risk Analyst III

Spectraforce Technologies
United States, South Carolina, Columbia
Sep 29, 2025
Title: Security Risk Analyst III

Duration: 12 months

Location: Columbia, SC

Partial Onsite: Tuesday, Wednesday, Thursday onsite and as needed


C2 eligibility is required

Duties:


  • Plan and perform compliance and risk assessment activities for information systems and related processes.
  • Communicate and escalate compliance and risk issues to the appropriate department and/or level of management. Act as a change agent to influence the I/S and corporate compliance culture.
  • 20% Independently monitor remediation of new and outstanding issues, including Information Security Risk Exception process, to ensure identification of areas of non-compliance.
  • Utilize tools to track and report on compliance posture.
  • 20% Independently conduct formal risk analysis and self-assessments to determine effectiveness of controls and ensure creation of action plans to remediate identified risks.
  • 20% Facilitate development, implementation and documentation of Information Security policies, procedures, processes and programs to guide organization toward continuous compliance.
  • Independently analyze and interpret security regulations and controls to advise on security compliance at a broad perspective across multiple business areas. Consult on organizational impacts of compliance and risk management decisions.
  • 20% Serve as an interface with external entities for governance and compliance reviews regarding information security risk across multiple business areas and controls.
  • 10% Independently investigate, document and resolve Information Security Incidents. Advise senior management of critical issues that may affect organization.
  • 10% Research emerging security topics, threats and capabilities to create/update policy and governance.
  • Promote organizational security awareness by developing security training, Security Council bulletins, security policies, standards and best practices.


Requirements:

  • Candidate's Technical Background:

    • Experience with NIST, FISMA, COBIT, SSAE16, PCI, SOX, HIPAA, or other regulatory requirements.
    • Experience working on a Security Management Plan.
    • Experience working on vulnerability matrices.
    • Experience with the scanning and remediation of I/S assets using automated tools is beneficial (e.g., Nessus, AppDetective, Vanguard).
    • Knowledge of technical security controls from NIST, DISA, USGCB, etc. compliance domains across multiple platforms.
    • Deep understanding of security risk exposures and how vulnerabilities can be translated into business risk that leadership understands.
    • Advanced knowledge of security risk assessment execution.
    • Expert-level knowledge of risk mitigation strategies.
    • Excel expert with the ability to analyze, trend and forecast from high volumes of compliance data.
    • Proficient with MS Word.


  • Preferred/Highly Desired Skills:

    • Experience with compliance programs within a government agency (e.g., Medicare, Tricare) is preferred.
    • Direct experience with NIST 800-53 security frameworks.
    • Any experience with Visio or PowerPoint is a plus.
    • Any experience with DoD, DIARMF or FedRAMP programs is a plus.
    • SQL experience is a plus.


  • Required Skills and Abilities:

    • Good understanding of Systems Development Life Cycle methodologies.
    • Subject Matter Expert in government or private risk frameworks and control implementations.
    • Good understanding of risk management, information system security and compliance standards.
    • Excellent analytical and decision-making skills.
    • Proven ability to interpret and apply knowledge of regulatory/accreditation requirements.
    • Ability to independently solve problems often spanning multiple environments and business areas.
    • Ability to effect change and bring security, risk and compliance knowledge to the organization through the use of positive influence.
    • Understanding of infrastructure and networking architecture WANs, LANs, Internet, intranets and communication protocols.
    • Strong communication skills in presenting results both verbally and in writing.
    • Possess excellent collaboration skills with a wide variety of internal matrix and management staff.


  • Required Software and Other Tools: Standard office equipment.


Work Environment: Fast-paced, multi-platform environment which may require action and response 24x7 to support the technical business needs of the customer.

Required Education: Bachelor's Degree in Computer Science, Information Technology or related degree.

Required Degree Equivalency: 4 years of job-related work experience, or 2 years of job-related experience plus an associate's degree in Computer Science, Information Technology or other job-related degree.

Required Work Experience: 6 years of I/T experience including 4 years of IT security, risk assessment and/or compliance experience. Successful completion of Client's Entry Level Training Program (ELTP) may be substituted for 2 years of I/T experience.