Brightvision Capital Partners, LLC
CYBERSECURITY CLOUD SUBJECT MATTER EXPERT (SME)
Brightvision Capital Partners, LLC, Manassas, Virginia, United States, 22110
CYBERSECURITY CLOUD SUBJECT MATTER EXPERT (SME)
Full-time
Founded in 2017 and headquartered in Manassas, Virginia, Toomey Technologies is a SBA certified HUBZone, and Woman Owned Small Business experienced in Program Management and Solution Implementation support services. Our diverse and talented personnel provide structure to develop and execute strategies to maximize mission success and have an established track record supporting critical initiatives across a wide range of federal clients. We develop and execute strategies to maximize mission success and apply in-depth industry knowledge, analytics and expertise to design the right solution. Once the strategy is in place, we help communicate the changes and promote adoption among stakeholders.
Serves as the primary cloud security architect responsible for ensuring that cloud-hosted ITsystems, particularly the Electronic Contract Writing Module (ECWM) and related customer contracting systems, are architected, designed, and implemented with robust security controls that meet or exceed agency requirements. The SME provides comprehensive security oversight throughout the system lifecycle, from initial design through deployment and ongoing operations, with particular emphasis on cloud environments including Oracle Cloud Infrastructure (OCI), Amazon Web Services (AWS), and Microsoft Azure. The position requires deep expertise in DoD cybersecurity frameworks, FedRAMP compliance, Risk Management Framework (RMF), and the unique security challenges inherent in cloud-based Government systems handling sensitive contracting and procurement data.
Active Security Clearance
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related technical field
Advanced cloud security certifications (CCSP, CISSP, SABSA, or equivalent) CISSP, CISM, or other advanced cybersecurity certification
Experience with DoD Enterprise DevSecOps Reference Design
Knowledge of containerization security (Docker, Kubernetes) and micro services security architecture
Cloud ATO Experience:
Two (2) years of hands‑on experience achieving Authorization to Operate (ATO) in cloud environments (OCI, AWS, Azure, or equivalent platforms) with demonstrated success in navigating complex compliance requirements
DoD Systems ATO Experience:
Five (5) years of experience achieving ATOs for compartmented DoD IT systems with deep understanding of DoD‑specific security requirements, assessment processes, and stakeholder coordination
Cloud Certification:
Current cloud security certification from major cloud providers (Oracle Cloud Infrastructure, AWS, Azure, or equivalent) demonstrating technical proficiency and up‑to‑date knowledge of cloud security capabilities.
DoD Approved 8140/8570 Baseline Certification:
FedRAMP Expertise:
Extensive knowledge of FedRAMP assessment methodology including practical experience with FedRAMP security control requirements, assessment procedures, and authorization processes
OCI Experience:
Demonstrated experience working with Oracle Cloud Infrastructure (OCI) including security architecture, implementation, and compliance activities
Enterprise DoD IT Experience:
Proven experience working with enterprise DoD IT systems, understanding of DoD architecture standards, and familiarity with DoD cybersecurity requirements and processes
Advanced expertise in cloud security architecture principles across multiple platforms (OCI, AWS, Azure, Google Cloud) with deep understanding of shared responsibility models, cloud‑native security services, and hybrid cloud security considerations
Comprehensive knowledge of cloud security engineering best practices including identity and access management (IAM), network security, data encryption, key management, and secure application deployment patterns
Proficiency in Infrastructure as Code (IaC) security, container security, serverless security, and cloud workload protection platforms with ability to implement security‑by‑design principles
Expert‑level understanding of cloud security threats, attack vectors, and mitigation strategies including advanced persistent threats (APTs), insider threats, and cloud‑specific vulnerabilities
Extensive experience with DoD Risk Management Framework (RMF) processes including system categorization, security control selection and implementation, assessment procedures, authorization decisions, and continuous monitoring
Deep knowledge of NIST cybersecurity frameworks (SP 800‑53, SP 800‑37, SP 800‑171), DISA Security Technical Implementation Guides (STIGs), and DoD cybersecurity policies and instructions
Comprehensive understanding of FedRAMP assessment methodology, including security control inheritance, shared controls, and the FedRAMP authorization process for cloud service providers
Expertise in Authorization to Operate (ATO) processes for both cloud environments and compartmented DoD IT systems, including security documentation development, evidence collection, and stakeholder coordination
Advanced capabilities in conducting comprehensive cybersecurity vulnerability assessments with specific focus on cloud hosting environments and the unique risks associated with multi‑tenant cloud infrastructure • Proficiency in security testing methodologies including penetration testing, vulnerability scanning, configuration assessments, and security control validation
Experience with security assessment tools and platforms including Assured Compliance Assessment Solution (ACAS), commercial vulnerability scanners, and cloud security posture management (CSPM) tools
Knowledge of threat modeling, security architecture review processes, and the ability to identify and mitigate security gaps in complex, distributed systems
Proven ability to review existing cloud security policies and provide actionable recommendations for improvement to enhance overall security posture and meet evolving threat landscapes
Experience in developing security standards, procedures, and guidelines that balance security requirements with operational efficiency and mission effectiveness
Knowledge of emerging cloud security technologies and methodologies with ability to assess their applicability to DoD environments and recommend adoption strategies
Comprehensive understanding of enterprise DoD IT architecture, including network topologies, system interconnections, data flows, and the security implications of complex system integrations
Experience with DoD enterprise services, shared services, and the security considerations involved in connecting cloud‑hosted applications to existing DoD infrastructure
Knowledge of DoD cloud strategy and implementation approach
Hands‑on experience with cloud security tools and services including cloud access security brokers (CASB), cloud workload protection platforms (CWPP), and security information and event management (SIEM) solutions
Proficiency in security automation, orchestration, and response (SOAR) capabilities with understanding of how to leverage cloud‑native security services for incident response and threat hunting
Knowledge of DevSecOps practices and the integration of security controls into continuous integration/continuous deployment (CI/CD) pipelines
Understanding of backup and disaster recovery security considerations, business continuity planning, and the security implications of cloud‑based recovery solutions
Experience with Government cloud initiatives (milCloud, AWS GovCloud, Azure Government)
Familiarity with AI/ML security considerations in cloud environments
Only qualified candidates will be contacted. Be sure to keep an eye on your spam or junk folders in case our emails end up in there! Please, no phone calls directly to our business, CEO, hiring managers, or recruiters. Due to the high volume of applicants, we typically receive for our career openings, we are not able to do phone interviews until later stages of the hiring process.
Toomey Technologies is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, gender, disability, age, or veteran status.
#J-18808-Ljbffr
Full-time
Founded in 2017 and headquartered in Manassas, Virginia, Toomey Technologies is a SBA certified HUBZone, and Woman Owned Small Business experienced in Program Management and Solution Implementation support services. Our diverse and talented personnel provide structure to develop and execute strategies to maximize mission success and have an established track record supporting critical initiatives across a wide range of federal clients. We develop and execute strategies to maximize mission success and apply in-depth industry knowledge, analytics and expertise to design the right solution. Once the strategy is in place, we help communicate the changes and promote adoption among stakeholders.
Serves as the primary cloud security architect responsible for ensuring that cloud-hosted ITsystems, particularly the Electronic Contract Writing Module (ECWM) and related customer contracting systems, are architected, designed, and implemented with robust security controls that meet or exceed agency requirements. The SME provides comprehensive security oversight throughout the system lifecycle, from initial design through deployment and ongoing operations, with particular emphasis on cloud environments including Oracle Cloud Infrastructure (OCI), Amazon Web Services (AWS), and Microsoft Azure. The position requires deep expertise in DoD cybersecurity frameworks, FedRAMP compliance, Risk Management Framework (RMF), and the unique security challenges inherent in cloud-based Government systems handling sensitive contracting and procurement data.
Active Security Clearance
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related technical field
Advanced cloud security certifications (CCSP, CISSP, SABSA, or equivalent) CISSP, CISM, or other advanced cybersecurity certification
Experience with DoD Enterprise DevSecOps Reference Design
Knowledge of containerization security (Docker, Kubernetes) and micro services security architecture
Cloud ATO Experience:
Two (2) years of hands‑on experience achieving Authorization to Operate (ATO) in cloud environments (OCI, AWS, Azure, or equivalent platforms) with demonstrated success in navigating complex compliance requirements
DoD Systems ATO Experience:
Five (5) years of experience achieving ATOs for compartmented DoD IT systems with deep understanding of DoD‑specific security requirements, assessment processes, and stakeholder coordination
Cloud Certification:
Current cloud security certification from major cloud providers (Oracle Cloud Infrastructure, AWS, Azure, or equivalent) demonstrating technical proficiency and up‑to‑date knowledge of cloud security capabilities.
DoD Approved 8140/8570 Baseline Certification:
FedRAMP Expertise:
Extensive knowledge of FedRAMP assessment methodology including practical experience with FedRAMP security control requirements, assessment procedures, and authorization processes
OCI Experience:
Demonstrated experience working with Oracle Cloud Infrastructure (OCI) including security architecture, implementation, and compliance activities
Enterprise DoD IT Experience:
Proven experience working with enterprise DoD IT systems, understanding of DoD architecture standards, and familiarity with DoD cybersecurity requirements and processes
Advanced expertise in cloud security architecture principles across multiple platforms (OCI, AWS, Azure, Google Cloud) with deep understanding of shared responsibility models, cloud‑native security services, and hybrid cloud security considerations
Comprehensive knowledge of cloud security engineering best practices including identity and access management (IAM), network security, data encryption, key management, and secure application deployment patterns
Proficiency in Infrastructure as Code (IaC) security, container security, serverless security, and cloud workload protection platforms with ability to implement security‑by‑design principles
Expert‑level understanding of cloud security threats, attack vectors, and mitigation strategies including advanced persistent threats (APTs), insider threats, and cloud‑specific vulnerabilities
Extensive experience with DoD Risk Management Framework (RMF) processes including system categorization, security control selection and implementation, assessment procedures, authorization decisions, and continuous monitoring
Deep knowledge of NIST cybersecurity frameworks (SP 800‑53, SP 800‑37, SP 800‑171), DISA Security Technical Implementation Guides (STIGs), and DoD cybersecurity policies and instructions
Comprehensive understanding of FedRAMP assessment methodology, including security control inheritance, shared controls, and the FedRAMP authorization process for cloud service providers
Expertise in Authorization to Operate (ATO) processes for both cloud environments and compartmented DoD IT systems, including security documentation development, evidence collection, and stakeholder coordination
Advanced capabilities in conducting comprehensive cybersecurity vulnerability assessments with specific focus on cloud hosting environments and the unique risks associated with multi‑tenant cloud infrastructure • Proficiency in security testing methodologies including penetration testing, vulnerability scanning, configuration assessments, and security control validation
Experience with security assessment tools and platforms including Assured Compliance Assessment Solution (ACAS), commercial vulnerability scanners, and cloud security posture management (CSPM) tools
Knowledge of threat modeling, security architecture review processes, and the ability to identify and mitigate security gaps in complex, distributed systems
Proven ability to review existing cloud security policies and provide actionable recommendations for improvement to enhance overall security posture and meet evolving threat landscapes
Experience in developing security standards, procedures, and guidelines that balance security requirements with operational efficiency and mission effectiveness
Knowledge of emerging cloud security technologies and methodologies with ability to assess their applicability to DoD environments and recommend adoption strategies
Comprehensive understanding of enterprise DoD IT architecture, including network topologies, system interconnections, data flows, and the security implications of complex system integrations
Experience with DoD enterprise services, shared services, and the security considerations involved in connecting cloud‑hosted applications to existing DoD infrastructure
Knowledge of DoD cloud strategy and implementation approach
Hands‑on experience with cloud security tools and services including cloud access security brokers (CASB), cloud workload protection platforms (CWPP), and security information and event management (SIEM) solutions
Proficiency in security automation, orchestration, and response (SOAR) capabilities with understanding of how to leverage cloud‑native security services for incident response and threat hunting
Knowledge of DevSecOps practices and the integration of security controls into continuous integration/continuous deployment (CI/CD) pipelines
Understanding of backup and disaster recovery security considerations, business continuity planning, and the security implications of cloud‑based recovery solutions
Experience with Government cloud initiatives (milCloud, AWS GovCloud, Azure Government)
Familiarity with AI/ML security considerations in cloud environments
Only qualified candidates will be contacted. Be sure to keep an eye on your spam or junk folders in case our emails end up in there! Please, no phone calls directly to our business, CEO, hiring managers, or recruiters. Due to the high volume of applicants, we typically receive for our career openings, we are not able to do phone interviews until later stages of the hiring process.
Toomey Technologies is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, gender, disability, age, or veteran status.
#J-18808-Ljbffr