Cloud Security Engineer

Centurion is looking for multiple Cloud Security professionals in the Boston, MA and Huntsville, AL area. All roles require at least a secret clearance

Education and Years of Experience:

• Bachelor’s Degree and 8+ years or more of experience; Master’s and 6+ years or more of experience, additional years of experience may be accepted in lieu of degree.

Program Description:

• This role supports the U.S. Air Force Cloud One Architecture and Common Shared Services contract and currently has an opening for a Cloud Security Architect. This position will coordinate across multiple areas as the program supports AWS, Azure, Google, and Oracle clouds. This is an exciting opportunity to use your experience to modernize a leading, global-scale multi-cloud environment in support of a critical mission, supporting USAF system resiliency, security, and cost effectiveness.

Location:

• This position will be hybrid remote. Candidates will be required to work onsite as needed. Candidates need to be located near Hanscom AFB (Boston, MA).

Responsibilities:

• We are seeking highly capable Cloud Architects with expertise in multiple cloud platforms. A successful individual will be responsible for designing scalable cloud-native solutions, leading development efforts, and ensuring best practices across architecture, development, deployment, and security. This is a combination management and hands-on technical role that requires rolling up your sleeves to architect, code, debug, and mentor.
• Design, deploy, configure, operate, and maintain authorizations and accreditation of the C1 Architecture for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure in NIPRNet and SIPRNet.
• Serve as Subject Matter Expert (SME) for all IT stakeholders involved with system design, system builds, and Authority to Operate (ATO) efforts on cybersecurity requirements and tooling.
• Support the cybersecurity authorizations team developing artifacts required to achieve milestones such as Interim Authority Test (IATT) and Authorization to Operate (ATO).
• Experience engineering solutions to support migration of security controls from NIST 800-53 Rev 4 to 800-53 Rev 5.
• Ensure compliance with SCCA, Cloud SRG, and other STIG/SRG requirements.
• Support Continuous Authorization to Operate (cATO) within a DevSecOps or cloud-based environment, including implementation of automated control validation, continuous monitoring integration, and real-time POA&M management.
• Create RMF-required authorization-related documentation and artifacts and support ATO sustainment activities for C1 and DPaaS environments.
• Conduct routine Insider Threat Assessment and document results in the Contractor’s System Security Plan
• Continuously monitor system resources through automated scanning and implement automated reporting feeds to support cybersecurity authorizations.
• Verify patch compliance using the approved technical solutions and conduct remediation activities.
• Provide and execute a plan for enterprise vulnerability and compliance scanning.
• Implementation of security procedures, and verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code and other components.
• Participate in regular briefings with the customer on cybersecurity status, including preparing briefing materials
• Work closely with government Cyber & technical teams to support ATO conditions and requirements.
• Prepare detailed technical documentation to support development and operational processes
• Collaborate with team members and provide mentorship to junior staff, fostering a learning environment
• Create reference architectures, design patterns, and technical standards for cloud implementations.

Required Skills:

• Bachelor’s Degree and 8+ years or more of experience; Master’s and 6+ years or more of experience, additional years of experience may be accepted in lieu of degree.
• Must have an active Secret clearance.
• US citizenship required.
• Interim Secret clearance required to start; Ability to obtain Secret clearance required to maintain employment
• Certifications: CompTIA Security+ or equivalent (IAT-2)

Preferred Skills

• Experience with USAF Cloud One or Platform 1.
• Experience with Zero Trust Architecture.
• Experience with USAF Cloud One or Platform 1
• Experience with automation/tools like EvalSTIG, STIG Manager, Ansible etc.
• Cloud certifications in AWS, ACAS, and Cloud Native Services, DoD ACAS certified
• Certifications: CISSP or equivalent (IAT-3)