Key skills
AWSCloudDockerKubernetesECSIAMCI/CDCommunicationNetwork SecurityCloud Security
About this role
Role Overview
- Lead the development, documentation, and implementation of security controls aligned with NIST 800-171 and NIST 800-53 frameworks
- Own and maintain compliance artifacts including System Security Plans (SSP), Plans of Action and Milestones (POA&M), and supporting documentation
- Drive Assessment and Authorization (ATO) efforts, including preparation of authorization packages and coordination with assessors
- Collaborate with engineering and DevOps teams to integrate security controls into cloud infrastructure, CI/CD pipelines, and application architectures
- Conduct risk assessments, maintain risk registers, and lead remediation efforts for identified security gaps
- Develop and enforce security policies, procedures, and standards aligned with Federal and customer requirements
- Evaluate and document security controls across AWS environments, containerized systems, and operational processes
- Support SOC 2 Type 2 readiness, including audit preparation, evidence collection, and control validation
- Monitor changes in regulatory requirements and proactively update security controls and documentation
- Contribute to incident response planning, documentation, and post-incident analysis
Requirements
- 5+ years of experience in security engineering, compliance, or information assurance roles
- Deep expertise in NIST 800-171 and NIST 800-53 security frameworks
- Proven experience developing and maintaining SSPs, POA&Ms, and audit-ready compliance documentation
- Hands-on experience supporting ATO/ATT processes in Federal or defense environments
- Strong experience with AWS cloud security, including IAM, VPC architecture, encryption, and logging
- Experience implementing security controls in containerized environments (Docker, Kubernetes, ECS)
- Solid understanding of identity and access management, secrets management, and network security principles
- Excellent written communication skills with the ability to produce clear, thorough, and audit-ready documentation
- Strong organizational skills and the ability to manage multiple concurrent compliance initiatives
Tech Stack
- AWS
- Cloud
- Docker
- Kubernetes
Benefits
- Competitive salary and benefits
- Full health coverage
- Unlimited PTO
- Flexible work hours