Cloud Computing Specialist (CCS) – Subject Matter Expert (SME)

About The Position

Requirements

• Five (5) years of relevant C&A experience
• Risk Management Framework (RMF) and NIST C&A experience
• DOD Cybersecurity experience
• Experience in assessing Cybersecurity Controls and conducting C&A reviews for large, complex Information systems.
• Experience with modern and dynamic computing (e.g., hybrid computing, edge computing, cloud native microservices) and networking protocols or standard Internet of Things (IoT) protocols.
• Experience and well-versed in FedRAMP assessment methodology of security and privacy controls deployed in cloud information systems, including six (6) domain areas, which include: Architectural Concepts & Design Requirements, Cloud Data Security, Cloud Platform & Infrastructure Security, Cloud Application Security, Operations, Legal & Compliance.
• Certification as a Certified Cloud Security Professional
• Must possess IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) at time of proposal submission.
• Strong verbal communication skills, including the ability to brief government leadership and technical stakeholders.

Nice To Haves

• Experience supporting multiple cloud service models (IaaS, PaaS, SaaS)
• Experience supporting enterprise DoD cloud programs

Responsibilities

• Provide subject matter expertise in cloud security compliance and authorization activities.
• Lead and support RMF implementation efforts for cloud-hosted systems.
• Conduct cybersecurity control assessments in accordance with NIST SP 800-53 and NIST SP 800-37.
• Develop and maintain authorization artifacts, including SSPs, POA&Ms, and supporting documentation.
• Perform FedRAMP-based security assessments and evaluate cloud security/privacy controls.
• Identify, manage, and mitigate cloud security risks across deployment and service models.
• Provide recommendations for cloud security best practices across hybrid and cloud-native environments.