Tria Federal
Cloud Information Assurance Specialist
Tria Federal - Lexington, Massachusetts, United States, 02173
Work at Tria Federal
Overview
- View job
Overview
TRIA Federal is seeking a Cloud Information Assurance (IA) Specialist to support the U.S. Air Force's Cloud One Enterprise Application Migration and Modernization (EAMM) contract in Lexington, MA.
At TRIA Federal, we serve those who serve — providing mission-focused IT, cybersecurity, and modernization services to federal agencies across the country. As a values-driven and veteran-founded company, we take pride in delivering secure, innovative solutions that directly support national defense and public service missions.
Everyone is trying to “harness the cloud,” but not everyone knows how to secure it. As a
Cloud Information Assurance Specialist , you will play a critical role in ensuring the security, resilience, and compliance of cloud-based systems supporting some of the Air Force’s most essential applications. In this position, you’ll provide hands-on support for cybersecurity assessments, Risk Management Framework (RMF) compliance, and the implementation of DoD security controls across enterprise cloud environments. Working closely with engineers, program managers, and cybersecurity stakeholders, you'll help assess risks, identify vulnerabilities, and ensure that systems meet stringent DoD and NIST requirements. This is a high-impact opportunity to apply your knowledge of cloud security, DoD cybersecurity policies, and risk assessments to protect mission-critical Air Force operations. If you’re passionate about cloud security and committed to serving the mission, TRIA Federal offers the environment, support, and purpose-driven work you’re looking for. Basic Requirements: B.S. in related field Must be a U.S. Citizen Must have an active Secret Clearance or Higher Intermediate-level Cloud Computing Certification such as Certified Cloud Security Professional (CCSP), Certified AWS Solutions Architect, or DevOps Engineer Certification Responsibilities: Provide cybersecurity and IA expertise for the Cloud One EAMM program, supporting secure migrations and operations of enterprise applications in commercial cloud environments (AWS, Azure, etc.). Conduct
Risk Management Framework (RMF)
activities for Information Systems (IS) in alignment with DoD, NIST, and Air Force standards. Prepare, review, and maintain
Assessment & Authorization (A&A)
documentation (e.g., SSPs, POA&Ms, CONOPS). Collaborate with DevSecOps and engineering teams to ensure security is integrated throughout the system development lifecycle (SDLC). Utilize tools such as
Xacta ,
eMASS , and
ACAS/Tenable.sc
to manage and document security compliance and reporting. Conduct security assessments and vulnerability scans, analyze results, and recommend/implement corrective actions. Track and mitigate security incidents, ensuring swift and compliant responses. Act as liaison between government IA/security officers and technical teams to ensure clear understanding and execution of security requirements. Support Continuous Monitoring (ConMon) and configuration management activities for cloud-based systems Experience evaluating and recommending cloud services, tools, and technologies to improve efficiency and enhance system capabilities to government organizations Ability to conduct architecture design, system or network analysis, vulnerability and risk assessments, and security assessment of hardware and software Additional Qualifications: Experience with containerization technologies such as Docker Experience writing in IaC tools such as AWS CloudFormation or Terraform, to streamline deployments, provisioning, and configuration management Experience with NIST standards Experience with CI/CD Experience with Agile or Scrum frameworks and practices Knowledge of Confluence, Jira, and Microsoft Office Suite ACTIVE SECRET CLEARANCE REQUIRED* MUST BE U.S. CITIZEN Work Location:
REMOTE/HYBRID in Lexington, MA
Cloud Information Assurance Specialist , you will play a critical role in ensuring the security, resilience, and compliance of cloud-based systems supporting some of the Air Force’s most essential applications. In this position, you’ll provide hands-on support for cybersecurity assessments, Risk Management Framework (RMF) compliance, and the implementation of DoD security controls across enterprise cloud environments. Working closely with engineers, program managers, and cybersecurity stakeholders, you'll help assess risks, identify vulnerabilities, and ensure that systems meet stringent DoD and NIST requirements. This is a high-impact opportunity to apply your knowledge of cloud security, DoD cybersecurity policies, and risk assessments to protect mission-critical Air Force operations. If you’re passionate about cloud security and committed to serving the mission, TRIA Federal offers the environment, support, and purpose-driven work you’re looking for. Basic Requirements: B.S. in related field Must be a U.S. Citizen Must have an active Secret Clearance or Higher Intermediate-level Cloud Computing Certification such as Certified Cloud Security Professional (CCSP), Certified AWS Solutions Architect, or DevOps Engineer Certification Responsibilities: Provide cybersecurity and IA expertise for the Cloud One EAMM program, supporting secure migrations and operations of enterprise applications in commercial cloud environments (AWS, Azure, etc.). Conduct
Risk Management Framework (RMF)
activities for Information Systems (IS) in alignment with DoD, NIST, and Air Force standards. Prepare, review, and maintain
Assessment & Authorization (A&A)
documentation (e.g., SSPs, POA&Ms, CONOPS). Collaborate with DevSecOps and engineering teams to ensure security is integrated throughout the system development lifecycle (SDLC). Utilize tools such as
Xacta ,
eMASS , and
ACAS/Tenable.sc
to manage and document security compliance and reporting. Conduct security assessments and vulnerability scans, analyze results, and recommend/implement corrective actions. Track and mitigate security incidents, ensuring swift and compliant responses. Act as liaison between government IA/security officers and technical teams to ensure clear understanding and execution of security requirements. Support Continuous Monitoring (ConMon) and configuration management activities for cloud-based systems Experience evaluating and recommending cloud services, tools, and technologies to improve efficiency and enhance system capabilities to government organizations Ability to conduct architecture design, system or network analysis, vulnerability and risk assessments, and security assessment of hardware and software Additional Qualifications: Experience with containerization technologies such as Docker Experience writing in IaC tools such as AWS CloudFormation or Terraform, to streamline deployments, provisioning, and configuration management Experience with NIST standards Experience with CI/CD Experience with Agile or Scrum frameworks and practices Knowledge of Confluence, Jira, and Microsoft Office Suite ACTIVE SECRET CLEARANCE REQUIRED* MUST BE U.S. CITIZEN Work Location:
REMOTE/HYBRID in Lexington, MA