Cloud Security Engineer

eTRANSERVICES
Hyattsville, MD

An Active Public Trust Clearance is required for these positions.

Summary

Risk Management Framework and Cloud Security Operations Support Service

Key Duties:

  • Provide dedicated cloud security technical expertise supporting NCHS IT modernization and CDC/NCHS cloud migration efforts.
  • Support FedRAMP-aligned SA&A activities for cloud-hosted NCHS systems, including authorization boundary definition, SSP cloud-specific sections, and continuous monitoring integration.
  • Develop and maintain the annual Security Authorization Boundary Inventory & Strategy Report (due first week of December).
  • Produce cloud security governance documentation including data flow diagrams, system boundary descriptions, and interconnection security agreements (ISAs/MOUs).
  • Evaluate cloud architectures against FedRAMP Moderate control baselines (NIST SP 800-53 Rev. 5); identify and document gaps.
  • Support cloud migration security reviews under the HHS Enterprise Performance Lifecycle (EPLC) framework.
  • Advise on cloud-native security tooling, CSPM configurations, and continuous monitoring pipeline integration for FedRAMP-compliant environments.
  • Contribute to Ad Hoc Technical Support Deliverables for cloud-related requests as directed by the COR.



Qualifications

5+ years of information security experience; 3+ years specifically in cloud security, cloud migration, and FedRAMP authorization support.

  • Working knowledge of FedRAMP authorization processes (JAB P-ATO, agency ATO, Moderate/High baselines, continuous monitoring).
  • Hands-on experience with major CSP environments — AWS GovCloud, Microsoft Azure Government, or Google Cloud Government.
  • Familiarity with NIST SP 800-37, 800-53 Rev. 5, OMB M-23-22, and applicable HHS/CDC cloud security policy and FISMA requirements.
  • Ability to independently produce technically accurate FedRAMP boundary diagrams and authorization documentation accepted by federal ISSOs.
  • Proficiency with GRC platforms (Archer or equivalent) and cloud security assessment tools.

Experience supporting EPLC security reviews and IT acquisition security governance for cloud-based systems.


Certifications

  • Certified Cloud Security Professional (CCSP — ISC²) — strongly preferred
  • AWS Certified Security – Specialty or Microsoft Certified: Azure Security Engineer — preferred
  • Certified Authorization Professional (CAP) — preferred
  • CompTIA Cloud+ or CompTIA Security+ — acceptable
