Cloud Security Architect

About the Role

This position supports the U.S. Air Force Cloud One Architecture and Common Shared Services contract, seeking a Cloud Security Architect. The role involves coordinating across multiple cloud platforms, including AWS, Azure, Google, and Oracle. This is an exciting opportunity to leverage your experience to modernize a leading, global-scale multi-cloud environment in support of a critical mission, enhancing USAF system resiliency, security, and cost-effectiveness.

Location

This position is hybrid remote. Candidates are required to work onsite as needed and must be located near Hanscom AFB (Boston, MA).

Responsibilities

We are seeking highly capable Cloud Architects with expertise in multiple cloud platforms. A successful individual will be responsible for designing scalable cloud-native solutions, leading development efforts, and ensuring best practices across architecture, development, deployment, and security. This is a combination management and hands-on technical role requiring architects to design, code, debug, and mentor.

• Design, deploy, configure, operate, and maintain authorizations and accreditation of the C1 Architecture for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure in NIPRNet and SIPRNet.
• Serve as Subject Matter Expert (SME) for all IT stakeholders involved with system design, system builds, and Authority to Operate (ATO) efforts on cybersecurity requirements and tooling.
• Support the cybersecurity authorizations team in developing artifacts required to achieve milestones such as Interim Authority Test (IATT) and Authorization to Operate (ATO).
• Engineer solutions to support the migration of security controls from NIST 800-53 Rev 4 to 800-53 Rev 5.
• Ensure compliance with SCCA, Cloud SRG, and other STIG/SRG requirements.
• Support Continuous Authorization to Operate (cATO) within a DevSecOps or cloud-based environment, including implementation of automated control validation, continuous monitoring integration, and real-time POA&M management.
• Create RMF-required authorization-related documentation and artifacts and support ATO sustainment activities for C1 and DPaaS environments.
• Conduct routine Insider Threat Assessments and document results in the Contractor’s System Security Plan.
• Continuously monitor system resources through automated scanning and implement automated reporting feeds to support cybersecurity authorizations.
• Verify patch compliance using approved technical solutions and conduct remediation activities.
• Provide and execute a plan for enterprise vulnerability and compliance scanning.
• Implement security procedures, verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code, and other components.
• Participate in regular briefings with the customer on cybersecurity status, including preparing briefing materials.
• Work closely with government Cyber & technical teams to support ATO conditions and requirements.
• Prepare detailed technical documentation to support development and operational processes.
• Collaborate with team members and provide mentorship to junior staff, fostering a learning environment.
• Create reference architectures, design patterns, and technical standards for cloud implementations.

Required Skills

• Bachelor’s Degree and 8+ years of experience, OR Master’s Degree and 6+ years of experience. Additional years of experience may be accepted in lieu of a degree.
• Must hold an active Secret clearance.
• US Citizenship required.
• Interim Secret clearance required to start; Ability to obtain a Secret clearance is required to maintain employment.
• Certifications: CompTIA Security+ or equivalent (IAT-2).

Preferred Skills

• Experience with USAF Cloud One or Platform 1.
• Experience with Zero Trust Architecture.
• Experience with automation/tools like EvalSTIG, STIG Manager, Ansible, etc.
• Cloud certifications in AWS, ACAS, and Cloud Native Services; DoD ACAS certified.
• Certifications: CISSP or equivalent (IAT-3).

Benefits

SES provides a competitive salary and the following benefits:

• Medical
• Dental
• Vision
• AD&D
• STD
• LTD
• Company-paid Life Insurance
• 401k with employer contribution
• Paid Time Off
• Pet Insurance