Senior Cyber Cloud Assessment Engineer
About Us
AGE Solutions is looking for a Senior Cyber Cloud Assessment Engineer to join our team in support of an upcoming cybersecurity risk management and assessment program with our DoD customer. As a Team Lead, you will be responsible for performing analysis, conducting independent validations of assessments, and Continuous Monitoring (ConMon) for authorized CSPs and CSOs.
Individuals in this role must be available to work on-site at Ft. Meade, MD for the majority of the workweek.
Responsibilities Include:
- Conduct cybersecurity assessments and validations of Cloud Service Offerings (CSOs) in support of the Department of Defense (DoD) Provisional Authorization (PA) process.
- Evaluate Cloud Service Provider (CSP) documentation packages following government guidance and procedures, including key artifacts such as the Cloud Architecture Diagram, System Security Plan (SSP), SSP Addendum, Readiness Assessment Report (RAR), System Architecture, Security Assessment Plan (SAP), Security Assessment Report (SAR), and associated Plans of Action & Milestones (POA&Ms).
- Review, analyze, and process additional documents including Change Requests, Extension Requests, Deviation Requests, Whitelist Requests, Corrective Action Plans, templates, process guide approvals, and continuous monitoring (ConMon) artifacts for existing Provisional Authorizations.
- Prepare and deliver up to 30 Cloud Security Assessment Packages annually, each including validated cybersecurity controls, certifier recommendations, and a statement of residual risk.
- Participate in technical kickoff meetings and review preliminary documentation to assess a CSP’s readiness posture.
- Analyze and provide detailed feedback on CSP submissions such as the RAR, SAP, SSP, and architectural diagrams.
- Assess and document the operational impact of authorizations, changes, and vulnerabilities on the CSP environment.
- Develop Cloud Security Assessment Packages in accordance with established guidelines, including the SAR, POA&M, and any Deviation Requests.
- Draft Authorization Recommendation Memoranda outlining CSO compliance with DoD cybersecurity controls, residual risks, and technical findings.
- Prepare formal DoD Provisional Authorization memoranda, detailing authorization length, CSO boundary, services provided, operating conditions, DoD usage considerations, and follow-on activities.
- Validate CSO controls within eMASS or other government-provided Governance, Risk, and Compliance (GRC) tools; ensure accurate tracking in the Mission Status Report (MSR).
- Review and verify the Customer Responsibility Matrix (CRM), ensuring proper control inheritance is reflected in eMASS/GRC systems.
- Upload authorization conditions as system-level POA&Ms in eMASS and monitor their resolution.
- Organize and associate all received documentation with applicable security controls within eMASS.
- Maintain and update the DoD Cloud Process Guide, including all checklists, templates, forms, and guidance documents.
- Assist in developing internal requirements and how-to guides for assessors conducting CSP validations.
- Document and refine assessment procedures and validation best practices to align with DoDI 8510.01 and the DoD Cloud Computing Security Requirements Guide (SRG).
- Contribute to the ongoing development and annual updates of the DoD Cloud Assessment Process Guides as requested by the Government.
Requirements:
- Bachelor's degree (IT-related field preferred)
- Eight (8) years of overall experience in cybersecurity or network security position
- Have an active DoD Top Secret clearance with SCI eligibility
- DoD 8570 IAM/IA Technical (IAT) Level III certification**
- Solid understanding of DoD Risk Management Framework (RMF), DoDI 8510.01, and DoD Cloud Computing Security Requirements Guide (SRG)
- Hands-on experience with eMASS or other government-provided GRC tools
- Familiarity with cloud security documentation, including SSPs, SARs, RARs, and POA&Ms
- Ability to analyze complex cloud architectures and provide accurate risk assessments
- Strong technical writing and communication skills to produce security assessment reports and formal recommendations
Compensation: $140,000 - $150,000
At AGE, we genuinely care for our people, offering 26 days of paid time off and a culture that celebrates success with events, bonuses, and profit sharing—over 80% of profits go back to our team. We provide financial security through competitive pay, short- and long-term disability coverage, a 401(k) with 3% match and immediate vesting, and company-paid life insurance up to $300K. We support your growth with paid training & certifications, tuition reimbursement, and the technology you need to succeed. Our health benefits include multiple medical plans, plus dental and vision coverage.
At AGE, we empower you to grow, thrive, and feel valued.
Create a Job Alert
Interested in building your career at AGE solutions? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field