CloudOne Cloud Security Authorization Manager (USAF Cloud One)

Leidos

About The Position

Leidos was awarded the U.S. Air Force Cloud One Architecture and Common Shared Services contract and currently has an opening for the AWS, Azure, Google, and Oracle clouds. This is an exciting opportunity to use your experience to modernize a leading, global-scale multi-cloud environment in support of a critical mission, supporting USAF system resiliency, security, and cost effectiveness. Location: This position will be in Huntsville, AL and may require travel to support customer or corporate meetings near Hanscom AFB (Boston, MA), or Reston, VA. Primary Responsibilities Include: Serve as the Lead Cybersecurity Authorization Manager for the program as the primary POC for customer interactions Lead a group of approximately 10 Cyber engineers to fulfill the cyber requirements for the program Design, deploy, configure, operate, and maintain authorizations and accreditation of the C1 Architecture for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure in NIPRNet and SIPRNet Oversee the cybersecurity authorizations required artifacts to eMASS (including change requests) to achieve milestones such as Interim Authority to Test (IATT) and Authorization to Operate (ATO) Experience migration of authorizations from NIST Rev 4 to Rev 5 Experience implementing cATO leveraging automation and dashboards Support conducting cybersecurity authorization activities to comply with all current Cybersecurity and IA manuals, instructions, and guides within the DoDI 8500.01 and DON 5239. Supply RMF-required authorization-related documentation and artifacts Draft and update the Contractor’s System Security Plan Provide and execute a plan for vulnerability and compliance scanning Implementation of security procedures, and verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code and other components. Develop and maintain system security documentation, including drafting, reviewing, editing, and recommending guidance for Standard Operating Procedures (SOP), Tactics, Techniques, & Procedures (TTP), Plan of Action and Milestones (POA&M) and Federal Information Security Management Act (FISMA) Score Card. Participate in regular briefings with the customer on cybersecurity status, including preparing briefing materials Work closely with government Cyber & technical teams to support ATO conditions and requirements. Prepare detailed technical documentation to support development and operational processes Collaborate with team members and provide mentorship to junior staff, fostering a learning environment Act as the Cyber manager to assess employee performance, hire new employees, and ensure compliance with corporate training requirements

Requirements

Bachelors and 8+ years of prior relevant experience or Masters with 6+ years of prior relevant experience.
4+ years of experience supervising or leading teams or projects.
Interim Secret clearance required to start; Ability to obtain Secret clearance required to maintain employment
US citizenship required
Certifications: CompTIA Security+ or equivalent (IAT-2)

Nice To Haves

Experience with USAF Cloud One or Platform 1
Experience with Zero Trust Architecture
Cloud certifications in AWS, Azure, Google, or Oracle clouds
Certifications: CISSP

Responsibilities

Serve as the Lead Cybersecurity Authorization Manager for the program as the primary POC for customer interactions
Lead a group of approximately 10 Cyber engineers to fulfill the cyber requirements for the program
Design, deploy, configure, operate, and maintain authorizations and accreditation of the C1 Architecture for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure in NIPRNet and SIPRNet
Oversee the cybersecurity authorizations required artifacts to eMASS (including change requests) to achieve milestones such as Interim Authority to Test (IATT) and Authorization to Operate (ATO)
Experience migration of authorizations from NIST Rev 4 to Rev 5
Experience implementing cATO leveraging automation and dashboards
Support conducting cybersecurity authorization activities to comply with all current Cybersecurity and IA manuals, instructions, and guides within the DoDI 8500.01 and DON 5239.
Supply RMF-required authorization-related documentation and artifacts
Draft and update the Contractor’s System Security Plan
Provide and execute a plan for vulnerability and compliance scanning
Implementation of security procedures, and verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code and other components.
Develop and maintain system security documentation, including drafting, reviewing, editing, and recommending guidance for Standard Operating Procedures (SOP), Tactics, Techniques, & Procedures (TTP), Plan of Action and Milestones (POA&M) and Federal Information Security Management Act (FISMA) Score Card.
Participate in regular briefings with the customer on cybersecurity status, including preparing briefing materials
Work closely with government Cyber & technical teams to support ATO conditions and requirements.
Prepare detailed technical documentation to support development and operational processes
Collaborate with team members and provide mentorship to junior staff, fostering a learning environment
Act as the Cyber manager to assess employee performance, hire new employees, and ensure compliance with corporate training requirements