Senior Cloud Cybersecurity Engineer

The Senior Cloud Cybersecurity Engineer leads the accreditation and ongoing operation of the DOMEX Technology Platform (DTP) OSINT stack within cloud environments, emphasizing RMF compliance, robust security controls, and secure DevSecOps integration. This onsite role is based in Bethesda, MD, and offers a salary range of USD 131,300 to 237,350 per year.

Responsibilities

• Collect, review, and assess system cybersecurity, architecture, and engineering artifacts, delivering actionable feedback to engineering teams.
• Evaluate system cybersecurity Body-of-Evidence results needed to support DoD and IC RMF authorization processes.
• Perform periodic compliance scanning, vulnerability assessments, and risk analyses for cloud-based systems.
• Implement and manage security controls for containerized applications and the underlying cloud infrastructure.
• Collaborate with DevSecOps, infrastructure, and software development teams to promote secure coding and engineering practices.
• Ensure security measures are integrated into software development workflows, CI/CD pipelines, and engineering tools.
• Develop, maintain, and execute shell commands, scripts, and automation code to achieve STIG compliance and validation.
• Implement and manage continuous monitoring solutions for cloud-based architectures.
• Support government cybersecurity officials and program personnel in preparing cybersecurity packages, including Interim Authority to Test (IATT), Authority to Operate (ATO), and Change Requests (CRs).
• Maintain awareness of emerging cloud security threats, technologies, and industry best practices.

Requirements

• Clearance: Active Top Secret with SCI eligibility and the ability to obtain a polygraph.
• Education and experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Assurance, Engineering, or a related technical discipline with 12–15 years of relevant experience, or Master’s degree with 10–13 years of relevant experience. Additional years may be considered in lieu of a degree. ISSO experience must be complemented by demonstrated technical expertise.
• Certifications: At least one DoD 8570.01-M IAT or IAM Level II or higher certification (eg, CCNA Security, CySA+, Security+ CE, CISSP or Associate) and the ability to obtain Privileged User Account (PUA)/elevated access per DoD 8570 policy.
• Technical skills: Hands-on experience with Linux operating systems and scripting languages such as Bash, Python, or Perl.
• Cloud experience: Experience with Commercial Cloud Services (C2S) and cloud-based enterprise services, preferably AWS.
• Security control implementation: Proven experience securing software applications and infrastructure by applying security controls.
• RMF processes: Experience supporting RMF processes including authorization and continuous monitoring.
• Standards: Familiarity with NIST SP 800-37, SP 800-53 Rev4 or Rev5, CNSSI 1253, and applicable DoDI publications.
• STIG and RMF tooling: Experience implementing and validating STIG compliance across OS, database, server, and application tiers; proficiency with RMF/GRC platforms such as Xacta or eMASS.
• Security testing tools: Experience performing compliance and vulnerability scans and using related tools for SIEM, SAST, and DAST.
• Cloud security posture: Demonstrated understanding of cloud specific threats and the required security posture.
• Kubernetes and CI/CD: Understanding of securing Kubernetes platforms and integrating security into CI/CD pipelines, containers, and platform orchestration tools.

Technologies

• Bash
• Python
• Perl
• Linux
• AWS
• Commercial Cloud Services (C2S)
• Kubernetes
• Xacta
• eMASS
• SAST
• DAST
• SIEM
• STIG
• RMF

Benefits

• Paid Time Off
• 11 paid Holidays
• 401K with a 6% company match and immediate vesting
• Flexible Schedules
• Discounted Stock Purchase Plans
• Technical Upskilling
• Education and Training Support
• Parental Paid Leave