Cloud Security & Compliance Engineer

Overview

DecisionPoint seeks a Cloud Security & Compliance Engineer to support cybersecurity compliance, RMF alignment, and IL5 cloud security operations for AWS GovCloud environments supporting a large federal and DoD-aligned mission environment. This role performs impact analysis, updates RMF documentation, maintains STIG compliance, validates security configurations, and ensures IL5 cybersecurity continuity throughout migration and modernization activities.

The Cloud Security & Compliance Engineer works closely with cloud architects, ISSM/ISSO teams, cybersecurity analysts, DevSecOps engineers, and system administrators to maintain a secure, compliant, and continuously monitored cloud ecosystem.

This position is fully remote.

Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid.

Duties & Responsibilities

The Cloud Security & Compliance Engineer will:

• Perform RMF impact analysis for system changes affecting cloud security posture.

• Update and maintain RMF documentation including SSPs, POA&Ms, SARs, and control evidence.

• Ensure STIG compliance for cloud services, operating systems, containers, and supporting components.

• Validate encryption configurations, IAM changes, auditing controls, and logging requirements.

• Support continuous monitoring, vulnerability management, and remediation tracking.

• Assist with IL5 migration security validation, ensuring no degradation of compliance during transitions.

• Review configuration baselines, IaC templates, and cloud security policies for alignment with RMF and Zero Trust.

• Conduct log analysis and correlate findings with SIEM outputs for compliance and incident follow-up.

• Support COOP/DR planning from a security controls perspective, ensuring continuity of protections.

• Assist ISSM and ISSO teams during audits, assessments, and ATO-related activities.

• Document security findings, remediation steps, and compliance reports for leadership review.

• Participate in Change Control Board (CCB) meetings to evaluate security impacts of proposed updates.

Qualifications

Clearance Requirement

Must hold an active Top Secret clearance, supported by a Tier 5 background investigation.

Education (Required)

Bachelor's degree in Computer Science, Information Technology, Systems Administration, or a related field.

Experience (Required)

• Minimum 5 years of experience in cloud security, cybersecurity compliance, or system security engineering.

• Experience performing RMF support activities including SSP updates, POA&M management, and continuous monitoring.

• Experience validating compliance against STIGs, IL5 configurations, and federal security controls.

• Experience troubleshooting cloud security issues in AWS or secure federal environments.

Technical Knowledge (Required)

• Familiarity with AWS GovCloud IL5 security controls, logging, monitoring, and IAM best practices.

• Knowledge of RMF processes, STIG requirements, and federal cybersecurity frameworks.

• Understanding of encryption, auditing, IAM, and boundary defense in cloud environments.

• Familiarity with vulnerability scanning, remediation workflows, and compliance validation.

Technical Knowledge (Preferred)

• Experience with automation for compliance validation or policy-as-code.

• Experience with SIEM platforms, SOAR tools, or security analytics.

• Familiarity with container hardening and cloud-native security architectures.

Certifications

Required:

• CompTIA Security+ or AWS Cloud Practitioner

Preferred:

• ITIL v4 Foundation

• AWS Security Specialty

• CISSP, CCSP, or other advanced cybersecurity certifications

Skills

• Strong analytical and problem-solving abilities for cloud security and compliance issues.

• Excellent communication skills for coordination with cybersecurity and engineering teams.

• High attention to detail in documentation and RMF artifact maintenance.

• Ability to manage multiple tasks and deadlines in a mission-focused environment.

• Strong understanding of secure cloud operations and IL5 compliance.

Our Equal Employment Opportunity Policy

• EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
• Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.