Hoplite Solutions LLC

Cloud Security Compliance Engineer

Hoplite Solutions LLC, Fort George Meade, Maryland, United States

Hoplite Solutions is seeking a highly skilled Cloud Security Compliance Engineer with hands-on experience obtaining Authority to Operate (ATO) for AWS cloud-based workloads. The ideal candidate will be well-versed in federal compliance frameworks such as NIST RMF and NIST SP 800-53 and capable of automating compliance processes within AWS environments. You will play a key role in authoring security documentation, integrating security tools, and supporting the automation of governance activities across complex cloud architectures.

Key Responsibilities:

Lead or support efforts to obtain and maintain ATOs for AWS-based systems.

Implement and manage compliance automation tools and AWS governance services such as AWS Config.

Develop and maintain Body of Evidence (BoE) documentation, including security control implementation statements, System Security Plans (SSPs), test plans and procedures, and architecture diagrams.

Integrate AWS monitoring and auditing services (e.g., CloudWatch, CloudTrail) into GRC platforms.

Build and configure STIG-compliant AWS resources, including hardened Amazon Machine Images (AMIs).

Automate security-related processes using scripting languages (e.g., Python).

Collaborate with engineering, DevOps, and security teams to ensure systems meet federal and organizational compliance requirements.

Required Qualifications:

Proven experience obtaining ATO for AWS cloud-based systems.

Active Poly

Strong knowledge of federal security frameworks such as the NIST Risk Management Framework (RMF) and NIST SP 800-53.

Experience with AWS-native compliance/governance services (e.g., AWS Config, AWS Organizations).

Demonstrated experience authoring ATO-related documentation.

Proficiency in integrating AWS log data (CloudTrail, CloudWatch) into GRC tools.

Experience automating security tasks using Python.

Desired Qualifications:

Familiarity with customer-specific security practices (e.g., STE, STN).

Experience with STIG implementation and building hardened cloud images.

Relevant certifications such as AWS Certified Security – Specialty, CISSP, CAP, or similar.

Experience working in federal or highly regulated environments.