Cloud Cybersecurity Subject Matter Expert

Overview

CLOUD CYBERSECURITY SUBJECT MATTER EXPERT (MODES):

Bowhead seeks a Cloud Cybersecurity SME to join our team in supporting the Military Community and Family Policy Outreach & Digital Enterprise Services (MODES) located in Arlington, VA. The Cloud Cybersecurity SME will provide comprehensive multidisciplinary leadership and Cyber related support for MC&FP.

Responsibilities

• Serve as a technical leader, responsible for designing, implementing, and managing complex cloud based solutions within DoD environments.
• This role requires expertise in DevOps practices, Infrastructure as Code (IaC), and secure cloud platforms, with a focus on delivering scalable, high availability solutions while adhering to government mandated security standards.
• Design and engineer secure, scalable cloud architectures using AWS and other cloud platforms to meet client requirements.
• Implement and maintain Infrastructure as Code (IaC) to automate cloud provisioning, configuration, and management.
• Lead the development and maintenance of CI/CD pipelines using GitLab, ensuring seamless integration and deployment of applications.
• Develop and manage DevSecOps pipelines within the Gov Cloud Framework, emphasizing security and compliance. Write advanced scripts using PowerShell, Python, and Bash to resolve automation and deployment challenges.
• Ensure all cloud solutions comply with DoD security protocols, FedRAMP, and FISMA requirements.
• Collaborate with cybersecurity teams to document controls, support Interim Authorization to Test (IATT) and Authority to Operate (ATO) processes, and address audit requirements.
• Monitor cloud environments to ensure compliance with industry best practices and government security mandates.
• Provide expert evaluations of cloud-based solutions, ensuring alignment with technical and operational goals.
• Work independently and collaboratively to resolve complex issues within DoD cloud environments.
• Escalate risks, constraints, and critical issues to appropriate stakeholders for resolution.

Qualifications

• Bachelor's degree in computer science, IT, information systems, or related field.
• Certified in one of the following: CISM; CISSO; FITSP-M; GCIA; GCSA; GCIH; GSLC; GICSP; CISSP-ISSMP; or CISSP.
• Eight (8+) years managing cloud-based cybersecurity projects of similar complexity.
• Eight (8+) years with NIST RMF, NIST SP 800-53, STIGs, SCAP, IAVAs, and FISMA.
• Ability to communicate effectively with all levels of employees and outside contacts.
• Strong interpersonal skills and good judgment with the ability to work alone or as part of a team.

Desired Experience

• Eight (8+) years in vulnerability management & penetration-testing corrective actions.
• Eight (8+) years supporting DoD defensive cyber operations: system protection, incident handling, reporting, recovery.

Physical Demands

• Must be able to lift 25 pounds on occasion.
• Must be able to stand and walk for prolonged period amounts of time.
• Must be able to twist, bend, and squat periodically.

SECURITY CLEARANCE REQUIREMENTS: Must be able to maintain a security clearance at the Top Secret/SCI level. US Citizenship is a requirement for this contract.