Eccalon, LLC · 2 weeks ago
Compliance Security and Microsoft Cloud Analyst
Eccalon, LLC is seeking a Compliance Security and Microsoft Cloud Analyst to play a critical role in Cyber Compliance Operations and Cloud Security Engineering. The selected candidate will drive cybersecurity compliance initiatives aligned with DoD frameworks and implement Microsoft Azure Government and M365 GCC High security controls across client environments.
CRM · Cyber Security · Information Technology
Responsibilities
Assist in designing, configuring, and implementing Microsoft Azure Government and M365 GCC High security controls
Support Azure Gov resource hardening, including Virtual Machines, Key Vaults, Storage Accounts, Defender for Cloud, Sentinel, Azure Policies, and Conditional Access
Assist with Microsoft 365 GCC High Security & Compliance Center configurations, including DLP, Sensitivity Labels, Insider Risk, and Compliance Manager setup for CMMC and NIST alignment
Configure and monitor Azure Sentinel Workbooks, Cloud Security Posture Management (CSPM), Defender for Endpoint (Gov), and Defender for Identity integrations
Conduct Microsoft Secure Score reviews and remediation within GCC High and Azure Gov environments
Assist in developing automated security monitoring dashboards and reporting using Azure Monitor and Microsoft Sentinel GCC High
Support Azure network security hardening, including NSGs, ASGs, Private Endpoints, and Firewall rules
Help develop and document Zero Trust Architecture alignment using Microsoft Cloud-native tools
Research, identify, and map NIST and DoD cybersecurity controls (NIST 800-53, 800-171/172, FedRAMP (M) and CMMC) to Microsoft Cloud implementations and On-premises environments
Assist with System Security Plan (SSP), Policies, Procedures, and Plan of Action & Milestones (POA&M) documentation for client environments
Support control gap analysis, evidence collection, and audit preparation for DoD contractor compliance
Conduct security control validation testing (manual and automated) for both on-premises and cloud-based systems
Document and report on control effectiveness, remediation plans, and risk mitigation actions
Assist with preparing security architecture diagrams showing how Microsoft Cloud services map to compliance controls
Support client teams during external CMMC, NIST, or DFARS audits and assessments
Help draft and revise Policies, Standards, and Procedures (PSPs) to align with DoD cybersecurity requirements
Qualifications
Required
Bachelor's in Cybersecurity, Cyber Defense or equivalencies
Strong understanding of Microsoft Azure Government (IaaS/PaaS/SaaS) security configurations
Hands-on experience with Microsoft 365 GCC High security and compliance solutions
Familiar with Microsoft Defender XDR stack (Defender for Endpoint, Identity, Office 365, Cloud Apps) for GCC High
Working knowledge of Azure AD/Entra ID security policies, Role-Based Access Control (RBAC), and Privileged Identity Management (PIM)
Experience with Azure Sentinel deployment and use case creation
Familiarity with Azure Policy, Blueprints, and Resource Locks for governance and compliance
Experience in NIST 800-53, 800-171, 800-172, FedRAMP (M) and CMMC L1/L2/L3 control frameworks
Proficient in security documentation writing for Policies, Standards, System Security Plans, and POA&Ms
Proficient in network security concepts, firewall rule sets, and enterprise network topology diagrams
Critical Thinking and Problem Solving
Strong Verbal and Written Communication
Professional and Technical Writing
Collaboration and Teamwork
Multitasking and Task Prioritization
Adaptability and Initiative
Knowledge of Assessment and Audit Management Processes
Preferred
Master's degree in information assurance and cyber security
Strong knowledge of Microsoft Security Best Practices for Cloud (Azure Gov, M365 GCC High)
Ability to interpret DoD contract security clauses (DFARS, CMMC, NIST requirements) and apply them to cloud environments
Familiarity with Microsoft Compliance Manager and Secure Score tools in GCC High
Exposure to Defender for Cloud recommendations, regulatory compliance dashboards, and Microsoft Sentinel analytics rules
Proficient in evaluating data protection (at rest, in transit, and in use) in both cloud and on-premises environments
Ability to conduct technical research and compliance gap analysis, followed by Microsoft technology-specific security remediation steps
Microsoft Certified: Azure Security Engineer Associate - AZ 500
Microsoft Certified: Cybersecurity Architect Expert - SC 100
Microsoft Certified: Information Protection and Compliance Administrator Associate - SC 401
Microsoft Cloud Administration (others) - SC 900 or SC 200 or SC 300
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Company
Eccalon, LLC
Eccalon helps organizations turn complexity into clarity.
Funding
Current Stage
Growth Stage
Recent News
DBusiness Magazine
2025-12-30
Maryland Daily Record
2025-12-20
Company data provided by Crunchbase