Cloud Security Lead SME

Job Description

Everforth ECS is seeking a Product Manager SME to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax . Please Note: This position is contingent upon contract award.

The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP focuses on operational warfighting data and aims to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.

The Cloud Security Lead SME is a senior subject matter expert responsible for the enterprise cloud security posture of the WDP across NIPRNet, SIPRNet, and JWICS environments, serving as the authoritative voice on Zero Trust compliance, Risk Management Framework execution, and cloud security architecture across all WDP-supported Cloud Service Provider environments. This role works in close coordination with cybersecurity leadership, platform engineers, and Authorizing Officials to sustain and continuously improve the authorization posture of mission-critical cloud infrastructure supporting the DoW's AI-First mission.
Provides enterprise cloud security oversight supporting Department of War mission systems operating within AWS GovCloud, Azure Government, and approved DoW cloud environments.
Monitors cloud-native security posture using Cloud Security Posture Management platforms integrated with native provider tooling to identify misconfigurations, policy drift, and compliance gaps.
Configures and enforces cloud security controls aligned to the DoW Cloud Computing Security Requirements Guide, Zero Trust Architecture, and Risk Management Framework objectives.
Reviews Infrastructure-as-Code artifacts to validate secure baseline configurations prior to deployment, integrating security checks into DevSecOps pipelines and automated compliance workflows.
Analyzes cloud audit logs, configuration events, and security alerts to support continuous monitoring, threat detection, and incident response coordination.
Collaborates with cloud engineers, platform teams, and cybersecurity leadership to remediate findings impacting authorization posture and mission availability.
Maintains traceable evidence supporting security assessments, authorization packages, and ongoing compliance reporting through eMASS, SharePoint, and centralized dashboards.
Produces cloud security posture reports, risk summaries, and remediation plans for Authorizing Officials and senior cybersecurity leadership.
Supports cloud migration initiatives by embedding security requirements into design reviews, architecture decisions, and operational handoff processes.
Delivers measurable improvements in cloud compliance posture, configuration consistency, risk visibility, and operational resilience while reinforcing program values of security-by-design, accountability, mission assurance, and disciplined cloud operations.
Performs other duties as assigned.

Required Skills

Current Secret security clearance.
12 or more years of progressively responsible experience in cybersecurity, cloud security, or a closely related field, with demonstrated expert-level proficiency securing mission-critical cloud environments in support of DoW or federal government programs.
DoW 8140/8570 IAM Level I baseline certification, satisfied by one of the following active credentials: CompTIA Security+ CE, ISC CAP, ISC SSCP, or GIAC GSLC.
Demonstrated experience implementing and assessing Zero Trust security capabilities in alignment with the DoW Zero Trust Reference Architecture and NIST SP 800-207, including Attribute-Based Access Control, Privileged Access Management, Identity and Access Management federation, and continuous monitoring across multi-enclave cloud environments.
Hands-on experience executing Risk Management Framework activities, including preparation and management of cybersecurity Body-of-Evidence artifacts, eMASS administration, and support for Authority to Operate processes across multiple security enclaves.
Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).

Desired Skills

Active Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI) eligibility.
Active Certified Information Systems Security Professional (CISSP) certification, or an equivalent advanced cybersecurity credential such as CCSP, CISM, or AWS Certified Security Specialty.
Prior experience supporting cloud security operations on DoW, intelligence community, or defense AI/ML programs operating across NIPRNet, SIPRNet, and JWICS environments, including familiarity with cross-domain security services and enclave-specific compliance requirements.
Experience with cloud-native and third-party security tooling such as Splunk, AWS Security Hub, AWS Config, Microsoft Defender for Cloud, or equivalent SIEM and CSPM platforms used to support continuous monitoring and automated compliance reporting.
Bachelor's or Master's degree in Cybersecurity, Information Assurance, Computer Science, or a closely related technical field.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:

• Attracting and developing top talent and high-performing teams
• Fostering a culture that is engaging, accountable, and mission-driven

Meet the challenge. Make a difference with Everforth ECS!