Compliance ATO Architect

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related field, OR equivalent experience.
• Must be able to obtain and maintain a Public Trust clearance.
• 8+ years of experience in cybersecurity, security architecture, or compliance supporting federal or regulated environments.
• 5+ years of hands-on experience leading systems through the full Authorization to Operate (ATO) lifecycle in accordance with NIST RMF or FedRAMP.
• Deep knowledge of NIST 800-53 security controls, FISMA requirements, and continuous monitoring practices.
• Experience architecting secure solutions in cloud environments (AWS, Azure, GCP, and/or OCI), including identity management, network security, boundary protection, logging/monitoring, and encryption strategies.
• Proven ability to translate compliance and security requirements into actionable technical architecture guidance for engineering, cloud, and development teams.
• Experience creating and maintaining ATO documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), Incident Response Plans, Contingency Plans, policies, and related artifacts.
• Experience coordinating with ISSOs, Information System Security Engineers (ISSEs), Security Control Assessors (SCAs), PMs, and Authorizing Officials throughout the ATO lifecycle.
• Understanding of Zero Trust principles and secure-by-design architectural approaches.
• Strong ability to evaluate security evidence, conduct gap analyses, and drive remediation plans to closure.
• Experience with compliance automation tools (e.g., Splunk, Prisma, ConMon tools, OpenSCAP, AWS Security Hub, Azure Security Center).
• Excellent written and verbal communication skills, including the ability to clearly explain complex compliance requirements to technical and non-technical stakeholders.

Nice To Haves

• Relevant certifications, such as: Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) Certified Authorization Professional (CAP) Certified Information Security Manager (CISM) AWS, Azure, GCP, or OCI cloud security certifications
• Experience leading ATOs for large-scale, mission-critical federal systems.
• Experience performing or supporting security assessments (SCA).
• Knowledge of DevSecOps practices and how to embed compliance into secure pipelines.
• Knowledge of automation scripts or IaC tools (CloudFormation, Terraform, Ansible).

Responsibilities

• Lead and manage the full ATO lifecycle for cloud and on-prem systems, ensuring compliance with NIST RMF, FedRAMP, and agency-specific requirements.
• Design secure, compliant architectural patterns and guide engineering teams in implementing them.
• Collaborate with development, platform, and infrastructure teams to ensure systems meet security control baselines.
• Create, review, and update ATO documentation, ensuring completeness, accuracy, and audit readiness.
• Conduct gap assessments, review security evidence, and coordinate remediation efforts.
• Work with Information System Security Officers (ISSOs), system owners, security assessors, and Authorizing Officials to support risk determinations throughout the ATO process.
• Implement continuous monitoring strategies and ensure ongoing compliance.
• Advise leadership on risk posture, architectural tradeoffs, and compliance impacts across systems and services.