Job Requirements
Fairfax, VA
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Job Description
Everforth ECS is seeking a Cloud Security Engineer to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax . Please Note: This position is contingent upon contract award.
The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
The Cloud Security Engineer delivers hands-on cloud security engineering and cyber defense operations across WDP's classified and unclassified environments, with a focus on patch management, continuous monitoring, and incident response spanning NIPRNet, SIPRNet, and JWICS. This role is integral to sustaining the security posture, authorization compliance, and operational readiness of WDP's multi-enclave AWS cloud infrastructure in direct support of DoW mission-owner communities and Joint Staff elements.
• Conducts patch management operations across War Data Platform (WDP) Core Integration cloud enclaves by operating vulnerability scanning workflows, identifying required updates, tracking patch applicability, and automating deployment actions aligned with Department of War patching directives supporting Joint Staff elements and mission-owner communities.
• Validates patch implementation in controlled environments by executing test sequences, reviewing system behavior, and confirming compliance with configuration baselines across virtual machines, containerized services, Infrastructure as Code modules, and platform services.
• Operates cloud logging and monitoring mechanisms using CloudWatch, GuardDuty, Splunk, Elastic clusters, and integrated SIEM pipelines to detect configuration drift, unauthorized change activity, and misconfigurations affecting War Data Platform (WDP) Core Integration readiness.
• Supports deployment and evaluation of incident response procedures by executing data collection steps, performing event correlation, documenting operational impact, and generating incident response metrics such as mean time to detect, mean time to respond, containment intervals, and recovery validation results.
• Contributes to incident triage by analyzing indicators of compromise, correlating system logs, validating remediation actions, and preparing status reporting for senior operational leaders.
• Participates in lessons learned reviews by identifying root causes, proposing corrective actions, and incorporating process improvements into standardized runbooks, intelligence feeds, and automated control mechanisms.
• Strengthens defensive posture across NIPRNet, SIPRNet, and JWICS environments by maintaining operational continuity, supporting cyber readiness objectives, and contributing to mission-aligned cloud security modernization efforts.
• Performs other duties as assigned.
Required Skills
• Current Secret security clearance with the ability to obtain and maintain a Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI).
• 3-10 years of experience in cloud security engineering, cybersecurity operations, or a closely related discipline within federal, DoW, or enterprise cloud environments.
• Demonstrated hands-on experience with cloud-native security and monitoring tools including AWS CloudWatch, GuardDuty, and either Splunk or Elastic SIEM platforms, with applied experience in vulnerability scanning, patch management, and incident response operations across classified or government cloud environments.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
Desired Skills
• Active Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI) eligibility.
• Relevant cloud security or cybersecurity certification such as AWS Certified Security - Specialty, CompTIA CySA+, GIAC Cloud Security Essentials (GCLD), or Certified Information Systems Security Professional (CISSP).
• Familiarity with the DoW Risk Management Framework (RMF) process, including experience maintaining cybersecurity artifacts, Body-of-Evidence (BOE) packages, and Plan of Action and Milestones (POA&M) items under NIST 800-53 in support of Authorization to Operate (ATO) activities.
• Experience applying Zero Trust (ZT) architecture principles, including micro-segmentation, Attribute-Based Access Control (ABAC), and supply chain risk management within classified or federal cloud environments.
• Working knowledge of Infrastructure-as-Code (IaC) security practices using Terraform or Ansible, including integration of automated security controls within CI/CD pipelines in support of DevSecOps workflows.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
Everforth ECS is seeking a Cloud Security Engineer to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax . Please Note: This position is contingent upon contract award.
The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
The Cloud Security Engineer delivers hands-on cloud security engineering and cyber defense operations across WDP's classified and unclassified environments, with a focus on patch management, continuous monitoring, and incident response spanning NIPRNet, SIPRNet, and JWICS. This role is integral to sustaining the security posture, authorization compliance, and operational readiness of WDP's multi-enclave AWS cloud infrastructure in direct support of DoW mission-owner communities and Joint Staff elements.
• Conducts patch management operations across War Data Platform (WDP) Core Integration cloud enclaves by operating vulnerability scanning workflows, identifying required updates, tracking patch applicability, and automating deployment actions aligned with Department of War patching directives supporting Joint Staff elements and mission-owner communities.
• Validates patch implementation in controlled environments by executing test sequences, reviewing system behavior, and confirming compliance with configuration baselines across virtual machines, containerized services, Infrastructure as Code modules, and platform services.
• Operates cloud logging and monitoring mechanisms using CloudWatch, GuardDuty, Splunk, Elastic clusters, and integrated SIEM pipelines to detect configuration drift, unauthorized change activity, and misconfigurations affecting War Data Platform (WDP) Core Integration readiness.
• Supports deployment and evaluation of incident response procedures by executing data collection steps, performing event correlation, documenting operational impact, and generating incident response metrics such as mean time to detect, mean time to respond, containment intervals, and recovery validation results.
• Contributes to incident triage by analyzing indicators of compromise, correlating system logs, validating remediation actions, and preparing status reporting for senior operational leaders.
• Participates in lessons learned reviews by identifying root causes, proposing corrective actions, and incorporating process improvements into standardized runbooks, intelligence feeds, and automated control mechanisms.
• Strengthens defensive posture across NIPRNet, SIPRNet, and JWICS environments by maintaining operational continuity, supporting cyber readiness objectives, and contributing to mission-aligned cloud security modernization efforts.
• Performs other duties as assigned.
Required Skills
• Current Secret security clearance with the ability to obtain and maintain a Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI).
• 3-10 years of experience in cloud security engineering, cybersecurity operations, or a closely related discipline within federal, DoW, or enterprise cloud environments.
• Demonstrated hands-on experience with cloud-native security and monitoring tools including AWS CloudWatch, GuardDuty, and either Splunk or Elastic SIEM platforms, with applied experience in vulnerability scanning, patch management, and incident response operations across classified or government cloud environments.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
Desired Skills
• Active Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI) eligibility.
• Relevant cloud security or cybersecurity certification such as AWS Certified Security - Specialty, CompTIA CySA+, GIAC Cloud Security Essentials (GCLD), or Certified Information Systems Security Professional (CISSP).
• Familiarity with the DoW Risk Management Framework (RMF) process, including experience maintaining cybersecurity artifacts, Body-of-Evidence (BOE) packages, and Plan of Action and Milestones (POA&M) items under NIST 800-53 in support of Authorization to Operate (ATO) activities.
• Experience applying Zero Trust (ZT) architecture principles, including micro-segmentation, Attribute-Based Access Control (ABAC), and supply chain risk management within classified or federal cloud environments.
• Working knowledge of Infrastructure-as-Code (IaC) security practices using Terraform or Ansible, including integration of automated security controls within CI/CD pipelines in support of DevSecOps workflows.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
group id: 10112231A