IA/Cyber/Cloud Admin

About The Position

Requirements

• Secret – Fully Cleared Only, must confirm clearance is active
• Client 8140 intermediate certification or client 8570 IAM Level II certifications or higher
• US Citizens Only
• Bachelor’s degree in IT, Engineering, Computer Science, or a related field
• 5-7 years in Cloud Engineering/Admin or Cybersecurity.
• Experience with cloud platforms (Cloud One, AWS, Azure Government)
• Experience securing CI/CD pipelines and DevSecOps environments
• Experience with Kubernetes/Docker containerization, CI/CD tools (Jenkins, GitLab CI), AWS/Azure Services, and IaC (Terraform).
• Familiarity with client cybersecurity mandates (RMF, STIGs).
• Familiarity with container security (Docker, Kubernetes security practices)
• Experience with vulnerability scanning and security tools (e.g., Nessus, Fortify, SonarQube, Anchore)

Nice To Haves

• Master’s degree preferred.
• Experience working with Agile development teams of 20+ FTEs and be familiar with Agile methodologies.
• DoD 8570/8140 compliance (e.g., CISSP, Security+ CE, CASP+ CE).
• Experience supporting Air Force maintenance/logistics platforms
• Familiarity with Platform One / DoD software factory ecosystem

Responsibilities

• Administer and secure cloud environments, including client Cloud One, AWS, and hybrid infrastructures supporting REMIS
• Implement and maintain security controls across CI/CD pipelines, ensuring secure code integration, build, and deployment processes
• Support RMF (Risk Management Framework) activities, including control implementation, assessment support, and ATO sustainment
• Configure and maintain STIG-compliant systems, ensuring alignment with client hardening and configuration standards
• Integrate and manage automated security tools within DevSecOps pipelines (SAST, DAST, container scanning, dependency scanning)
• Monitor system security posture using continuous monitoring tools, log aggregation, and alerting platforms
• Conduct vulnerability assessments, remediation tracking, and security reporting
• Implement security analysis tools (SAST, DAST, SCA) into CI/CD pipelines to identify vulnerabilities early.
• Ensure cloud systems meet Risk Management Framework (RMF) standards (NIST 800-53), including ATO (Authority to Operate) support and documentation.
• Perform automated cybersecurity testing and manage STIG compliance, conducting scan evaluations using ACAS (Assured Compliance Assessment Solution).
• Develop and maintain automation scripts for patching, configuration management, and evidence collection to support continuous authorization.
• Provision, configure, and maintain client cloud infrastructure (AWS GovCloud, Azure Government, IL2-IL6) using Infrastructure as Code (IaC) tools like Terraform or CloudFormation.
• Maintain secure configurations for cloud, virtualized, and hybrid environments, ensuring availability and resilience
• Collaborate with development, DevSecOps, and cloud engineering teams to embed security into system design and deployment workflows
• Maintain documentation including security plans, SSPs, POA&Ms, and configuration baselines
• Support incident response activities, including investigation, containment, and corrective action implementation
• Collaborate with agile software teams to remediate application risks.
• Manage Cloud Service Provider (CSP) security tools (AWS Security Hub, Azure Defender).
• Troubleshoot cloud-based application performance and security issues.
• Apply security patches and manage IAVAs (Information Assurance Vulnerability Alerts).