Sr. Cloud Cybersecurity SME

RDTS is seeking a Cleared Cloud Cybersecurity SME to support the Bureau of Overseas Building Operations (OBO) at the U.S. Dept of State in Washington, D.C. We are seeking a mission-driven and technically advanced Senior Cloud Cybersecurity SME to lead cloud security engineering and strategy efforts in support of the OBO. This role is responsible for securing a hybrid multi-cloud environment spanning AWS, Azure, Google Cloud, and ServiceNow platforms, with a focus on architecture, policy enforcement, continuous monitoring, and operational resilience.

This is a primarily remote position; however, due to evolving federal Return-to-Office policies, candidates must reside in the Washington, DC metro area and be available for full-time onsite support if/when directed. All classified tasks must be performed onsite in a secure facility.

The Senior Cloud Cybersecurity SME will serve as the lead technical expert for cloud security, guiding the implementation of advanced controls, automation practices, and DevSecOps integration to ensure a secure and scalable environment for globally distributed systems.

KEY RESPONSIBILITIES:

Cloud Security Architecture and Engineering: Design, implement, and oversee cloud-native security architectures across IaaS, PaaS, and SaaS environments. Lead the development of hardened cloud configurations and secure access controls, ensuring alignment with Zero Trust principles and Department of State guidelines.

Security Control Implementation and Automation: Configure and monitor security services such as GuardDuty, Security Center, CloudTrail, and Microsoft Defender. Automate enforcement of security policies and controls using infrastructure-as-code and cloud-native tools. Ensure continuous protection and compliance across multi-cloud deployments.

DevSecOps Strategy and Integration: Support integration of cybersecurity into DevSecOps pipelines to enforce secure code deployments and configuration baselines. Collaborate with engineering and operations teams to implement security controls at every phase of the SDLC using tools such as Git, CI/CD platforms, and cloud-native scanners.

Risk Assessment and Compliance Support: Conduct risk assessments of cloud workloads, data flows, and platform-level configurations. Lead remediation planning and policy implementation to ensure compliance with NIST SP 800-53, FISMA, and Department of State security mandates (12 FAM, 5 FAH-6).

Security Monitoring and Incident Response: Integrate cloud telemetry into enterprise SIEM platforms (e.g., Splunk, Sentinel) and implement monitoring dashboards for real-time threat detection and compliance. Support incident response efforts by providing visibility into cloud assets, security events, and forensics.

Governance and Advisory Support: Develop and maintain cloud security policies, control matrices, and architectural documentation. Serve as a senior advisor to government stakeholders and program leadership on emerging threats, tool adoption, architecture decisions, and technology risk.

Active Security Clearance

Bachelors degree in Cybersecurity, Computer Science, or related technical field (or equivalent experience).

Minimum of 8 years of cybersecurity experience, with at least 5 years focused on cloud security engineering or architecture.

At least one advanced cloud certification: AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer, or equivalent.

Experience implementing and managing security controls in multi-cloud environments (AWS, Azure, Google Cloud).

Proficiency in DevSecOps, infrastructure-as-code, and automated security testing.

Deep familiarity with NIST RMF, FISMA, and Zero Trust architecture.

Preferred Qualifications:

Experience supporting Department of State, DHS, or other federal civilian cybersecurity programs.

Familiarity with ServiceNow, CyberArk, ArchAngel, and iApp platforms.

Strong background in cloud threat modeling, SOC integration, and secure workload design.

Experience implementing Security as a Service (SECaaS) models for enterprise environments.

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status.

PIbf257776464e-

Full Time