Cloud Security SME (C&A, RMF, Zero Trust, cybersecurity, NIST)

Job Description

Job Description

Job Title: Cloud Security SME (C&A, RMF, Zero Trust, cybersecurity, NIST)

Location: Remote - (ability to attend meetings in Fort Belvoir, VA and DC metro area as needed)

Clearance Required: Secret or TS

Certification: CCSP - Certified Cloud Security Professional

Salary: $125K-$136K

Application Deadline: October 23, 2025

To apply, please follow these steps:

• Visit: https://s2i2.isolvedhire.com/jobs/

• Select the position you are interested in

• Review the job details, then click Apply Now

• Complete and submit your application

Position Overview:

S2i2 is seeking a highly qualified Cloud Computing Specialist – Subject Matter Expert (SME) to provide advanced technical expertise in cloud architecture, deployment, and cybersecurity compliance in accordance with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and Department of Defense (DoD) standards.

The CCS-SME will serve as the principal advisor on Certification and Accreditation (C&A) activities, cloud hosting design, and security control implementation across multiple platforms including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).

The role requires deep understanding of FedRAMP, Secure Cloud Computing Architecture (SCCA), and Zero Trust (ZT) frameworks to ensure secure, compliant, and efficient cloud solutions supporting DLA enterprise operations.

Responsibilities

• Serve as a subject matter expert (SME) for cloud security, Certification and Accreditation (C&A), and implementation of the NIST RMF as defined in NIST SP 800-53 and SP 800-37 (current versions).

• Maintain Certified Cloud Security Professional (CCSP) credentials and apply industry best practices to identify, manage, and mitigate cloud computing risks across multiple environments.

• Provide cloud hosting design and advisory support for deployments on Azure, AWS, Google Cloud, and Oracle Cloud Infrastructure.

• Collaborate with DLA engineers, cybersecurity teams, and vendors to develop and implement secure cloud architectures meeting DoD/DISA security requirements and guidance, including SCCA, FRD, and SRG.

• Conduct C&A reviews, security control assessments, and compliance evaluations for large-scale, complex information systems.

• Implement and maintain cloud security controls covering network security, tenant isolation, encryption, key management, vulnerability assessments, firewalls, and Zero Trust principles.

• Support deployment, troubleshooting, system testing, and validation activities related to cloud hosting environments.

• Author and maintain deployment specifications, configuration documentation, test plans, and cloud security reports to support Enterprise Hosting operations.

• Recommend innovative solutions to enhance automation, scalability, and process efficiency across multi-cloud environments.

Minimum Requirements

Experience:

• Minimum five (5) years of Certification and Accreditation (C&A) experience.
• Minimum five (5) years of hands-on experience in cloud computing, including deployment, migration, and management of enterprise workloads.
• Demonstrated DoD Cybersecurity and RMF compliance experience.
• Experience in Zero Trust, SCCA FRD, and SRG implementation.
• Experience assessing cybersecurity controls for large, complex IT systems.
• Experience with hybrid, edge, and cloud-native computing architectures.