Cloud Security Lead SME

About The Position

Requirements

• Current Secret security clearance.
• 12 or more years of progressively responsible experience in cybersecurity, cloud security, or a closely related field, with demonstrated expert-level proficiency securing mission-critical cloud environments in support of DoW or federal government programs.
• DoW 8140/8570 IAM Level I baseline certification, satisfied by one of the following active credentials: CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC.
• Demonstrated experience implementing and assessing Zero Trust security capabilities in alignment with the DoW Zero Trust Reference Architecture and NIST SP 800-207, including Attribute-Based Access Control, Privileged Access Management, Identity and Access Management federation, and continuous monitoring across multi-enclave cloud environments.
• Hands-on experience executing Risk Management Framework activities, including preparation and management of cybersecurity Body-of-Evidence artifacts, eMASS administration, and support for Authority to Operate processes across multiple security enclaves.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).

Responsibilities

• Provides enterprise cloud security oversight supporting Department of War mission systems operating within AWS GovCloud, Azure Government, and approved DoW cloud environments.
• Monitors cloud-native security posture using Cloud Security Posture Management platforms integrated with native provider tooling to identify misconfigurations, policy drift, and compliance gaps.
• Configures and enforces cloud security controls aligned to the DoW Cloud Computing Security Requirements Guide, Zero Trust Architecture, and Risk Management Framework objectives.
• Reviews Infrastructure-as-Code artifacts to validate secure baseline configurations prior to deployment, integrating security checks into DevSecOps pipelines and automated compliance workflows.
• Analyzes cloud audit logs, configuration events, and security alerts to support continuous monitoring, threat detection, and incident response coordination.
• Collaborates with cloud engineers, platform teams, and cybersecurity leadership to remediate findings impacting authorization posture and mission availability.
• Maintains traceable evidence supporting security assessments, authorization packages, and ongoing compliance reporting through eMASS, SharePoint, and centralized dashboards.
• Produces cloud security posture reports, risk summaries, and remediation plans for Authorizing Officials and senior cybersecurity leadership.
• Supports cloud migration initiatives by embedding security requirements into design reviews, architecture decisions, and operational handoff processes.
• Delivers measurable improvements in cloud compliance posture, configuration consistency, risk visibility, and operational resilience while reinforcing program values of security-by-design, accountability, mission assurance, and disciplined cloud operations.
• Performs other duties as assigned.