Cybersecurity Engineer – DoD Cloud Architect & RMF Specialist
Remote
United States
Posted 3 weeks ago
This is a full-time, 100% remote Cybersecurity Engineer role responsible for the comprehensive design, development, and integration of secure architectures for Military OneSource environments. The engineer ensures strict compliance with DoD and federal security frameworks, with a strong emphasis on AWS GovCloud and the Risk Management Framework (RMF) process.
- Location: Remote (United States).
- Clearance: Active Secret clearance is required.
- Certification (Required): DoD 8570 certification at IAT Level III or IAM Level III (e.g., CASP+ CE, CISSP, CISM, CCSP).
- Experience: Bachelor’s Degree and a minimum of five years of experience.
- Focus: Designing secure AWS GovCloud architectures (IL4/IL5), implementing AWS-native security services, managing RMF artifacts (SSPs, POA&Ms), and ensuring compliance with DoD SRG, FedRAMP, and NIST 800-53.
Responsibilities & Expertise: Architecture, Compliance, and Cloud Security
The engineer acts as a core security architect, ensuring functional and compliant operation across hybrid cloud infrastructures.
Cloud Architecture & Implementation
- Design & Development: Develop and design secure and functional system architectures for on-premises and cloud environments, focusing on AWS GovCloud and FedRAMP-authorized services.
- AWS Security Services: Implement and manage native AWS security services: Security Hub, GuardDuty, Inspector, CloudTrail, CloudWatch, Macie, Config, and IAM Access Analyzer to detect, monitor, and remediate risks.
- Cryptography: Manage cryptographic key generation and lifecycle operations within AWS KMS and other approved key management systems, ensuring FIPS 140-3 encryption compliance.
- Detection: Design and oversee intrusion detection and prevention architectures, leveraging AWS-native and DoD-approved tools (ACAS, HBSS, IDS/IPS).
Compliance & Documentation
- RMF & FedRAMP: Ensure full compliance with DoD Instruction 8510.01 (RMF for DoD IT), FedRAMP Moderate/High, and NIST SP 800-53 Rev 5 baselines.
- Assessments: Conduct comprehensive system security, vulnerability, and Privacy Impact Assessments (PIAs). Evaluate inherited and shared controls from cloud service providers.
- Artifacts: Produce and maintain technical documentation, including RMF artifacts, SSPs (System Security Plans), SARs, POA&Ms, and PIAs.
- Continuous Monitoring (ConMon): Support ConMon activities through integration of ACAS scan results, AWS security alerts, and event-driven reporting.
- Privacy Standards: Research and apply privacy standards, including HIPAA and the Privacy Act of 1974.
- Zero Trust: Direct installation and configuration of security solutions, ensuring compliance with Zero Trust principles.
Required Qualifications
- Clearance & Citizenship: Active Secret clearance and U.S. Citizenship are mandatory.
- Certification: DoD 8570 certification at IAT Level III or IAM Level III (e.g., CISSP, CISM).
- Experience: Proven experience designing and implementing secure AWS architectures compliant with FedRAMP and DoD SRG IL4/IL5 requirements.
- Technical Tools: Demonstrated expertise using AWS security services (listed above). Proficiency in vulnerability management and continuous monitoring tools (ACAS, Nessus, Splunk).
- Frameworks: Strong working knowledge of FedRAMP, NIST SP 800-53 Rev 5, DoD Cloud Computing SRG, and RMF processes.
- Communication: Excellent communication and technical writing skills for preparing compliance documentation.
Job Features
- Job Category: Cloud Engineer, IT & Cybersecurity