Job Details

Cloud Computing Specialist

Serves as a cloud security and accreditation subject matter expert, providing advanced technical expertise in applying the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) standards and guidance as defined in NIST SP 800-37 and NIST SP 800-53.

Leads and supports Certification and Accreditation (C&A) activities for complex DoD and federal information systems, ensuring compliance with DoD Cloud Computing Security Requirements Guide (SRG), FedRAMP, and applicable security frameworks.

Develops, evaluates, and documents cloud security policies, procedures, and controls across public, private, hybrid, and multi-cloud environments.

Identifies, manages, and mitigates cloud computing security risks, implementing industry best practices across all deployment and service models (IaaS, PaaS, SaaS).

Performs Cybersecurity Control Assessments and conducts C&A reviews for large and complex enterprise systems.

Advises stakeholders and system owners on cloud risk management strategies, secure design principles, and compliance with DoD and federal cybersecurity requirements.

Supports continuous monitoring, vulnerability management, and audit readiness efforts within cloud-hosted environments.

Provides expert guidance on secure modern computing paradigms, including hybrid, cloud-native microservices, edge computing, and Internet of Things (IoT) implementations.

Contributes to the development of cloud architectures, security baselines, and authorization packages (A&A) using RMF and FedRAMP methodologies.

Ensures cloud environments meet DoD Zero Trust architecture principles, supporting enterprise-level cybersecurity initiatives.

Clearance: Secret IT-I (Tier 5/SSBI) Critical Sensitive Clearance

• (ISC) Certified Cloud Security Professional (CCSP) Required
• DoD 8570 IAT Level II Baseline Certification:
• COMPTIA Security+ CE
• Cisco Certified Network Associate (CCNA)
• COMPTIA Cybersecurity Analyst (CySA+)
• Global Information Assurance Certification (GIAC) Global Industriel Cyber Security Professional (GICSP)
• One of the Following Google Cloud Platform Certifications:
• Google Associate Cloud Engineer
• Google Professional Cloud Architect
• One of the following AWS certifications:
• AWS Certified Cloud Practitioner
• AWS Certified Security Specialty
• AWS Certified Solutions Architect Associate
• AWS Certified Solutions Architect Professional
• AWS Certified SysOps Administrator
• Microsoft Certified: Azure Administrator Associate
• Microsoft Certified: Azure Solutions Architect Expert
• Microsoft Certified: Azure Security Engineer Associate
• Oracle Cloud Infrastructure Cloud Operations

Five (5) years of relevant Certification & Accreditation (C&A) experience.

Demonstrated experience with RMF, NIST SP 800-37, and NIST SP 800-53 security frameworks.

Proven DoD Cybersecurity experience with application of C&A standards to large-scale systems.

Experience conducting security control assessments and C&A reviews for enterprise systems.

Experience with hybrid computing, edge computing, and cloud-native architectures.

Proficiency in FedRAMP assessment methodologies across six (6) key domains:

• Architectural Concepts & Design Requirements
• Cloud Data Security
• Cloud Platform & Infrastructure Security
• Cloud Application Security
• Operations
• Legal & Compliance

Five (5) years of hands-on experience supporting DoD Commercial Cloud Hosting (CCH) environments.

In-depth knowledge of DoD security requirements for Google Cloud Platform (GCP).

Experience with multiple commercial cloud providers (e.g., AWS, Azure, Oracle Cloud Infrastructure) and their security frameworks.

Deep understanding of DoD cybersecurity compliance, including DISA STIGs, IAVAs, and DoD Cloud Computing SRG.

Expertise in implementing and assessing Zero Trust security models within cloud and hybrid environments.

Demonstrated ability to identify, assess, and mitigate security risks while preparing and supporting successful security audits.

Skilled in producing comprehensive cybersecurity audit reports, risk assessments, and authorization documentation.

Strong understanding of cloud deployment models (IaaS, PaaS, SaaS) and cloud service architecture.

Proficiency in cloud governance, identity management, and encryption methodologies.

Excellent communication and documentation skills, with the ability to convey technical concepts to diverse audiences.

Demonstrated leadership and collaboration abilities in cross-functional cybersecurity and infrastructure teams.