Cloud Security Architect

Job Title

Cloud Security Architect

Location

Remote with travel to Hanscom Air Force Base or Huntsville AL

Wage Range

$90k to $96k

Job Number

26-00594

Required Experience

• Secret Cleared
• Security+ or better
• Minimum 2+ years of experience in Information Security, Cybersecurity, or Cloud Security Engineering
• Hands‑on experience with AWS cloud environments
• Experience with identity and access management solutions, specifically Okta and SailPoint
• Development skills like C# for API integrations; experience with SailPoint and Okta (ICAM developer/integration type resource)

Job Description

We are seeking an Information Security Engineer to support the design, implementation, and ongoing management of secure cloud and enterprise systems. This role is responsible for identifying security risks, developing mitigation strategies, and ensuring compliance with DoD and federal cybersecurity frameworks throughout the system lifecycle.

The ideal candidate brings hands‑on experience in AWS cloud security, secure system design, API security, identity and access management, and secure application development. This role requires strong experience with modern IAM platforms including Okta and SailPoint, as well as secure development experience using C#.

Candidates located in or near the Boston area are strongly preferred.

Key Responsibilities

• Lead and support the development of Information Security (InfoSec) engineering designs and implementations
• Identify security risks and vulnerabilities across AWS cloud and on‑premise environments
• Develop and execute mitigation plans to address identified risks
• Architect, implement, evaluate, and support security‑focused tools and services
• Conduct system security assessments and oversee mitigation of threats throughout the program lifecycle
• Define and validate system security requirements
• Establish secure system designs aligned with federal security frameworks
• Collaborate with engineering, DevOps, and program leadership teams to integrate security into system architecture
• Support secure application development using C# and modern frameworks
• Design, implement, and secure identity and access management solutions using Okta and SailPoint
• Review and secure API integrations and microservices architectures
• Support secure CI/CD pipelines and DevSecOps practices

Required Qualifications

• Active Secret Clearance (DoD)
• Minimum 2+ years of experience in Information Security, Cybersecurity, or Cloud Security Engineering
• Hands‑on experience with AWS cloud environments
• Experience with identity and access management solutions, specifically Okta and SailPoint
• Experience with secure application development using C#
• Experience supporting security architecture, system security design, or cloud security implementations
• Experience reviewing or securing APIs and application‑layer integrations
• Understanding of risk management and mitigation practices
• Experience working within regulated environments (DoD, Federal, or similarly compliant environments preferred)
• Ability to support security assessments and lifecycle compliance efforts

Education & Certifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field
• DoD IAT Level II certification required
• AWS certification (Solutions Architect, Security Specialty, or equivalent) preferred
• One or more cloud security certifications (AWS, Azure, Google Cloud Platform) preferred

Preferred Skills

• Experience with RMF (Risk Management Framework)
• Familiarity with NIST 800‑53 / 800‑171
• Experience securing AWS‑native services (IAM, VPC, CloudTrail, GuardDuty, etc.)
• Knowledge of vulnerability management tools and security monitoring platforms
• Experience supporting secure CI/CD pipelines and DevSecOps automation
• Strong documentation and communication skills

Equal Opportunity Employer

Equal opportunity employer as to all protected groups, including protected veterans and individuals with disabilities.

Compensation Note

While an hourly range is posted for this position, an eventual hourly rate is determined by a comprehensive salary analysis which considers multiple factors including but not limited to: job‑related knowledge, skills and qualifications, education and experience as compared to others in the organization doing substantially similar work, if applicable, and market and business considerations. Benefits offered include medical, dental and vision benefits; dependent care flexible spending account; 401(k) plan; voluntary life/short term disability/whole life/term life/accident and critical illness coverage; employee assistance program; sick leave in accordance with regulation. Benefits may be subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions. Benefits offered are in accordance with applicable federal, state, and local laws and subject to change at TCM's discretion.

Source

#Dice