EmergencyMD is hiring: Cloud Cybersecurity Manager in Alexandria

Overview

JST is currently seeking a Cloud Cybersecurity Manager who will serve as the program's senior cybersecurity lead for IT, Cybersecurity, and Data Operations, responsible for security architecture, RMF compliance, Zero Trust Architecture (ZTA) alignment, continuous monitoring, and secure DevSecOps across MC&FP's AWS GovCloud estate. Partner with the PM and Digital/Platform leads to enable rapid, secure change that supports O&E mission outcomes.

This is a full-time on-site position in Alexandira, VA. JST offers a full benefit package, a collaborative work environment and strong company culture. Veterans and military spouses are encouraged to apply. This position is contingent upon contract award.

Cloud Cybersecurity Manager Responsibilities

• Security Governance & RMF: Own SSP, control inheritance, POA&Ms, audits, and ATO sustainment; lead continuous monitoring and Plan of Action closure.
• Zero Trust & Architecture: Define/prioritize ZTA controls (identity, device, network, application, data); implement policy-as-code, SBOM/provenance, and least-privilege patterns.
• Threat, Vulnerability, & Configuration Management: Direct scanning, penetration testing coordination, vulnerability remediation SLAs, and secure configuration baselines; oversee CM and privileged access.
• Incident Readiness & Resilience: Coordinate with SOC/IR; validate alerting, runbooks, tabletop exercises, and post-incident reviews; assure HA/DR objectives.
• Secure DevSecOps: Embed security gates in CI/CD (SAST/DAST/IAST/Secrets); champion feature flags/canaries and change control to minimize risk to availability.
• Compliance & Reporting: Align with DoD, DISA, and USCYBERCOM directives; deliver security metrics (vuln aging, patch compliance, MFA/privilege, config drift, audit readiness).
• Collaboration & Training: Advise O&E and engineering teams on secure design, data protection, and privacy; lead awareness and secure-coding practices.

Cloud Cybersecurity Manager Qualifications

• 8–10 years leading cybersecurity for Federal cloud programs; hands‑on with AWS GovCloud and DoD IL2/IL4/IL5 workloads.
• CISSP (required) or CISM (acceptable); CAP and/or CCSP strongly preferred.
• CompTIA Security+ (baseline), AWS Security Specialty (preferred).
• Meets DoD 8140/8570 IAM-II/III baseline.
• BA/BS in Cybersecurity, Information Assurance, Computer Science, or related field; advanced degree a plus.
• Proven RMF lifecycle leadership (from categorization to continuous monitoring) and successful ATO sustainment.
• Experience implementing ZTA controls, SIEM/SOAR integration, vulnerability and patch management at scale, and identity/SSO/MFA governance.
• Strong collaboration with product/O&E, platform, and SRE/operations teams; excellent executive communication.

Required Clearances and Screenings

• MUST possess a Public Trust clearance (Secret eligibility preferred).
• MUST be able to successfully pass a drug screen and background check.

Equal Opportunity Statement

JST is a proud equal opportunity employer. All qualified applicants will be considered for employment without attention to age, race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. JST will not tolerate discrimination or harassment.