Today
Top Secret
Senior Level Career (10+ yrs experience)
Unspecified
IT - Security
Arlington, VA (On/Off-Site)
Serve as the primary cloud security architect responsible for ensuring that cloud-hosted IT systems, particularly the Electronic Contract Writing Module (ECWM) and related customer contracting systems, are architected, designed, and implemented with robust security controls that meet or exceed agency requirements. The SME provides comprehensive security oversight throughout the system lifecycle, from initial design through deployment and ongoing operations, with particular emphasis on cloud environments including Oracle Cloud Infrastructure (OCI), Amazon Web Services (AWS), and Microsoft Azure. The position requires deep expertise in DoD cybersecurity frameworks, FedRAMP compliance, Risk Management Framework (RMF), and the unique security challenges inherent in cloud-based Government systems handling sensitive contracting and procurement data.
Qualifications
* Active Security Clearance
* Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related technical field
* Advanced cloud security certifications (CCSP, CISSP, SABSA, or equivalent) CISSP, CISM, or other advanced
cybersecurity certification
* Experience with DoD Enterprise DevSecOps Reference Design
* Knowledge of containerization security (Docker, Kubernetes) and micro services security architecture
Cloud ATO Experience: Two (2) years of hands-on experience achieving Authorization to Operate (ATO) in
cloud environments (OCI, AWS, Azure, or equivalent platforms) with demonstrated success in navigating
complex compliance requirements
* DoD Systems ATO Experience: Five (5) years of experience achieving ATOs for compartmented DoD IT
systems with deep understanding of DoD-specific security requirements, assessment processes, and
stakeholder coordination
* Cloud Certification: Current cloud security certification from major cloud providers (Oracle Cloud
Infrastructure, AWS, Azure, or equivalent) demonstrating technical proficiency and up-to date knowledge
of cloud security capabilities.
* DoD Approved 8140/8570 Baseline Certification
* FedRAMP Expertise: Extensive knowledge of FedRAMP assessment methodology including practical
experience with FedRAMP security control requirements, assessment procedures, and authorization
processes
* OCI Experience: Demonstrated experience working with Oracle Cloud Infrastructure (OCI) including
security architecture, implementation, and compliance activities
* Enterprise DoD IT Experience: Proven experience working with enterprise DoD IT systems, understanding
of DoD architecture standards, and familiarity with DoD cybersecurity requirements and processes
* Advanced expertise in cloud security architecture principles across multiple platforms (OCI,AWS, Azure,
Google Cloud) with deep understanding of shared responsibility models, cloud-native security services,
and hybrid cloud security considerations
* Comprehensive knowledge of cloud security engineering best practices including identity and access
management (IAM), network security, data encryption, key management, and secure application
deployment patterns
* Proficiency in Infrastructure as Code (IaC) security, container security, serverless security, and cloud
workload protection platforms with ability to implement security-by-design principles
* Expert-level understanding of cloud security threats, attack vectors, and mitigation strategies including
advanced persistent threats (APTs), insider threats, and cloud-specific vulnerabilities
* Extensive experience with DoD Risk Management Framework (RMF) processes including system
categorization, security control selection and implementation, assessment procedures, authorization
decisions, and continuous monitoring
* Deep knowledge of NIST cybersecurity frameworks (SP 800-53, SP 800-37, SP 800-171), DISA Security
Technical Implementation Guides (STIGs), and DoD cybersecurity policies and instructions
* Comprehensive understanding of FedRAMP assessment methodology, including security control
inheritance, shared controls, and the FedRAMP authorization process for cloud service providers
* Expertise in Authorization to Operate (ATO) processes for both cloud environments and compartmented
* DoD IT systems, including security documentation development, evidence collection, and stakeholder
coordination
* Advanced capabilities in conducting comprehensive cybersecurity vulnerability assessments with
specific focus on cloud hosting environments and the unique risks associated with multi-tenant cloud
infrastructure
* Proficiency in security testing methodologies including penetration testing, vulnerability scanning,
configuration assessments, and security control validation
* Experience with security assessment tools and platforms including Assured Compliance Assessment
Solution (ACAS), commercial vulnerability scanners, and cloud security posture management (CSPM)
tools
* Knowledge of threat modeling, security architecture review processes, and the ability to identify and
mitigate security gaps in complex, distributed systems
* Proven ability to review existing cloud security policies and provide actionable recommendations for
improvement to enhance overall security posture and meet evolving threat landscapes
* Experience in developing security standards, procedures, and guidelines that balance security
requirements with operational efficiency and mission effectiveness
* Knowledge of emerging cloud security technologies and methodologies with ability to assess their
applicability to DoD environments and recommend adoption strategies
* Comprehensive understanding of enterprise DoD IT architecture, including network topologies,system
interconnections, data flows, and the security implications of complex system integrations
* Experience with DoD enterprise services, shared services, and the security considerations involved in
connecting cloud-hosted applications to existing DoD infrastructure
* Knowledge of DoD cloud strategy and implementation approach
* Hands-on experience with cloud security tools and services including cloud access security brokers
(CASB), cloud workload protection platforms (CWPP), and security information and event management
(SIEM) solutions
* Proficiency in security automation, orchestration, and response (SOAR) capabilities with understanding
of how to leverage cloud-native security services for incident response and threat hunting
* Knowledge of DevSecOps practices and the integration of security controls into continuous integration/
continuous deployment (CI/CD) pipelines
* Understanding of backup and disaster recovery security considerations, business continuity planning,
and the security implications of cloud-based recovery solutions
* Experience with Government cloud initiatives (milCloud, AWS GovCloud, Azure Government)
* Familiarity with AI/ML security considerations in cloud environments
Additional Information
Only qualified candidates will be contacted. Be sure to keep an eye on your spam or junk folders in case our emails end up in there! Please, no phone calls directly to our business, CEO, hiring managers, or recruiters. Due to the high volume of applicants, we typically receive for our career openings, we are not able to do phone interviews until later stages of the hiring process.
All qualified applicants will receive consideration for employment without regard to race, religion, gender, disability, age, or veteran status.
Qualifications
* Active Security Clearance
* Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related technical field
* Advanced cloud security certifications (CCSP, CISSP, SABSA, or equivalent) CISSP, CISM, or other advanced
cybersecurity certification
* Experience with DoD Enterprise DevSecOps Reference Design
* Knowledge of containerization security (Docker, Kubernetes) and micro services security architecture
Cloud ATO Experience: Two (2) years of hands-on experience achieving Authorization to Operate (ATO) in
cloud environments (OCI, AWS, Azure, or equivalent platforms) with demonstrated success in navigating
complex compliance requirements
* DoD Systems ATO Experience: Five (5) years of experience achieving ATOs for compartmented DoD IT
systems with deep understanding of DoD-specific security requirements, assessment processes, and
stakeholder coordination
* Cloud Certification: Current cloud security certification from major cloud providers (Oracle Cloud
Infrastructure, AWS, Azure, or equivalent) demonstrating technical proficiency and up-to date knowledge
of cloud security capabilities.
* DoD Approved 8140/8570 Baseline Certification
* FedRAMP Expertise: Extensive knowledge of FedRAMP assessment methodology including practical
experience with FedRAMP security control requirements, assessment procedures, and authorization
processes
* OCI Experience: Demonstrated experience working with Oracle Cloud Infrastructure (OCI) including
security architecture, implementation, and compliance activities
* Enterprise DoD IT Experience: Proven experience working with enterprise DoD IT systems, understanding
of DoD architecture standards, and familiarity with DoD cybersecurity requirements and processes
* Advanced expertise in cloud security architecture principles across multiple platforms (OCI,AWS, Azure,
Google Cloud) with deep understanding of shared responsibility models, cloud-native security services,
and hybrid cloud security considerations
* Comprehensive knowledge of cloud security engineering best practices including identity and access
management (IAM), network security, data encryption, key management, and secure application
deployment patterns
* Proficiency in Infrastructure as Code (IaC) security, container security, serverless security, and cloud
workload protection platforms with ability to implement security-by-design principles
* Expert-level understanding of cloud security threats, attack vectors, and mitigation strategies including
advanced persistent threats (APTs), insider threats, and cloud-specific vulnerabilities
* Extensive experience with DoD Risk Management Framework (RMF) processes including system
categorization, security control selection and implementation, assessment procedures, authorization
decisions, and continuous monitoring
* Deep knowledge of NIST cybersecurity frameworks (SP 800-53, SP 800-37, SP 800-171), DISA Security
Technical Implementation Guides (STIGs), and DoD cybersecurity policies and instructions
* Comprehensive understanding of FedRAMP assessment methodology, including security control
inheritance, shared controls, and the FedRAMP authorization process for cloud service providers
* Expertise in Authorization to Operate (ATO) processes for both cloud environments and compartmented
* DoD IT systems, including security documentation development, evidence collection, and stakeholder
coordination
* Advanced capabilities in conducting comprehensive cybersecurity vulnerability assessments with
specific focus on cloud hosting environments and the unique risks associated with multi-tenant cloud
infrastructure
* Proficiency in security testing methodologies including penetration testing, vulnerability scanning,
configuration assessments, and security control validation
* Experience with security assessment tools and platforms including Assured Compliance Assessment
Solution (ACAS), commercial vulnerability scanners, and cloud security posture management (CSPM)
tools
* Knowledge of threat modeling, security architecture review processes, and the ability to identify and
mitigate security gaps in complex, distributed systems
* Proven ability to review existing cloud security policies and provide actionable recommendations for
improvement to enhance overall security posture and meet evolving threat landscapes
* Experience in developing security standards, procedures, and guidelines that balance security
requirements with operational efficiency and mission effectiveness
* Knowledge of emerging cloud security technologies and methodologies with ability to assess their
applicability to DoD environments and recommend adoption strategies
* Comprehensive understanding of enterprise DoD IT architecture, including network topologies,system
interconnections, data flows, and the security implications of complex system integrations
* Experience with DoD enterprise services, shared services, and the security considerations involved in
connecting cloud-hosted applications to existing DoD infrastructure
* Knowledge of DoD cloud strategy and implementation approach
* Hands-on experience with cloud security tools and services including cloud access security brokers
(CASB), cloud workload protection platforms (CWPP), and security information and event management
(SIEM) solutions
* Proficiency in security automation, orchestration, and response (SOAR) capabilities with understanding
of how to leverage cloud-native security services for incident response and threat hunting
* Knowledge of DevSecOps practices and the integration of security controls into continuous integration/
continuous deployment (CI/CD) pipelines
* Understanding of backup and disaster recovery security considerations, business continuity planning,
and the security implications of cloud-based recovery solutions
* Experience with Government cloud initiatives (milCloud, AWS GovCloud, Azure Government)
* Familiarity with AI/ML security considerations in cloud environments
Additional Information
Only qualified candidates will be contacted. Be sure to keep an eye on your spam or junk folders in case our emails end up in there! Please, no phone calls directly to our business, CEO, hiring managers, or recruiters. Due to the high volume of applicants, we typically receive for our career openings, we are not able to do phone interviews until later stages of the hiring process.
All qualified applicants will receive consideration for employment without regard to race, religion, gender, disability, age, or veteran status.
group id: 91015375
N
