Improvix Technologies · 18 hours ago
Cloud Security and Compliance Officer
Washington, DC
Full-time
Onsite
Mid, Senior Level
$140K/yr - $160K/yr
3+ years expImprovix Technologies is focused on securing multi-cloud environments and is seeking a Cloud Security and Compliance Officer. This role involves implementing compliance controls, managing risk, and ensuring adherence to security standards across AWS, Azure, and GCP.
Information Technology
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Implement, validate, and maintain security controls across AWS, Azure, and GCP environments
Support FedRAMP, FISMA, NIST 800‑53, CIS Benchmarks, PCI, and organizational compliance frameworks
Conduct control assessments, analyze gaps, and guide remediation activities in partnership with cloud security engineers
Assist with preparing, reviewing, and maintaining compliance documentation, including SSPs, POA&Ms, PTAs, PIAs, IRPs, CMPs, and audit artifacts
Support cloud authorization activities (ATO processes) and help streamline compliance workflows
Monitor cloud environments using tools such as AWS Security Hub, Azure Security Center, Google Command Center, Tenable.io, Qualys, and SIEM tools
Identify risks across infrastructure, applications, and configurations; track and remediate findings
Develop repeatable workflows for log monitoring, vulnerability management, and cloud configuration auditing
Collaborate with AWS, Azure, and GCP Cloud Security Engineers to interpret compliance requirements into actionable security configurations
Assist in secure design and implementation of cloud architectures aligned with Enterprise Architecture (EA) and Zero Trust principles
Participate in incident response activities related to cloud environments
Create and maintain SOPs, runbooks, workflows, and compliance reports for leadership visibility
Recommend improvements to compliance and monitoring processes to reduce audit findings and operational friction
Support executive‑level reporting and security governance initiatives
Work with security, IT, legal, engineering, and leadership teams to ensure compliance requirements are understood and met
Communicate technical compliance issues in business‑aligned language
Provide guidance and knowledge transfer to technical and non‑technical stakeholders
Qualification
Required
3–7+ years of experience in cloud security, compliance, or cybersecurity engineering
Hands‑on experience with at least one major cloud platform (AWS, Azure, or GCP); familiarity with multi‑cloud environments preferred
Strong understanding of compliance standards such as NIST 800‑53/171, FISMA, FedRAMP, CIS Benchmarks, or similar
Experience with cloud security monitoring tools (Security Hub, CloudTrail, Azure Monitor, GCP SCC, Splunk, Tenable, Qualys, etc.)
Ability to author and maintain compliance documentation (SSPs, POA&Ms, IRPs, etc.)
Knowledge of Identity & Access Management (IAM), network security, vulnerability management, and cloud configuration hardening
Strong analytical, communication, and documentation skills
Preferred
Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience)
Certifications such as: CCSP, Security+, AWS Security Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer
Experience supporting ATO processes or working in regulated environments (federal, financial, healthcare)
Prior experience in cloud security engineering or system administration
Company
Improvix Technologies
Improvix provides custom-tailored, high-quality, and secure IT services for federal agencies and commercial entities.
201-500 employees
Funding
Current Stage
Growth StageLeadership Team
Aneesh Mehta
Chief Executive Officer
Recent News
Washington Technology
2025-08-09
Company data provided by crunchbase