Job Requirements
Herndon, VA
Top Secret/SCI Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Job Description
We are seeking a Systems Engineer to support enterprise-wide cloud security, compliance, and risk management activities across multiple cloud service providers, including Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and Oracle Cloud Infrastructure (OCI).
This role is responsible for supporting security assessment and authorization (A&A) activities, continuous monitoring, and change management processes in alignment with federal cybersecurity frameworks and Sponsor security requirements. The position requires strong technical expertise in cloud security architecture, risk analysis, and compliance documentation, as well as the ability to coordinate across technical teams, stakeholders, and external cloud service providers.
Duties & Responsibilities:
Support security assessment, compliance, and continuous monitoring across multi-cloud environments (AWS, Azure, GCP, OCI)
Evaluate cloud systems for vulnerabilities, security gaps, and compliance with federal and industry security standards
Perform vulnerability and scan analysis using tools such as Rapid7, Nessus, and Qualys, and recommend remediation actions
Support cloud Authorization & Accreditation (A&A) activities, including review of security documentation and control evidence
Manage and track security risks, including POA&Ms and remediation timelines
Collaborate with cloud providers and internal teams to assess system architecture and security posture
Participate in Technical Exchange Meetings (TEMs) to review cloud designs and security implementations
Support security control assessments and system security engineering activities
Maintain compliance dashboards, metrics, and reporting on system security posture and risk status
Prepare technical reports, risk summaries, and leadership briefings
Support coordination of security tasks, milestones, and cross-team initiatives
Requirements:
Experience working in cloud environments (AWS, Azure, Google Cloud, or Oracle Cloud)
Experience performing security or vulnerability assessments in cloud or enterprise systems
Familiarity with security scanning tools (e.g., Rapid7, Nessus, Qualys)
Experience tracking and managing security risks and remediation items (POA&Ms or equivalent)
Understanding of cloud security frameworks and controls (e.g., NIST RMF, NIST 800-53)
Experience supporting system security or cloud architecture reviews
Ability to interpret security findings and translate them into actionable remediation steps
Strong communication skills for technical documentation and stakeholder coordination
Preferred Qualifications:
Experience supporting federal or highly regulated cloud environments
Familiarity with Authorization & Accreditation (A&A) or similar security approval processes
Experience working with cross-functional engineering and security teams
Exposure to compliance reporting, dashboards, or security metrics
Experience supporting security engineering or DevSecOps activities
Experience using security or governance tools (e.g., Xacta 360, RSA Archer, RiskVision)
What we offer:
Flexible time off
Full medical coverage
401(k) with company match
Referral bonuses
Performance bonuses
Life insurance and disability coverage
Tuition and training reimbursement