DOJ - Cloud Architect jobs in United States
cer-icon
Apply on Employer Site
company-logo

cFocus Software Incorporated · 1 day ago

DOJ - Cloud Architect

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level, Lead/Staff
date10+ years exp

cFocus Software seeks a Cloud Architect to join our program supporting the Department of Justice (DOJ). The role involves designing secure cloud architectures and providing technical guidance on cloud services while ensuring compliance with DOJ cybersecurity policies and standards.

ChatbotGovernmentInformation TechnologySoftware
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Serve as the cloud architecture subject matter expert supporting DOJ and BOP Rapid ATO activities
Design, evaluate, and validate secure cloud architectures supporting SaaS, PaaS, and IaaS environments
Ensure cloud architecture aligns with DOJ cybersecurity policies, NIST standards, FedRAMP requirements, and RMF processes
Provide technical guidance on cloud networking, segmentation, encryption, and access control strategies
Support integration of cloud environments into enterprise architectures and authorization boundaries
Support system preparation activities by defining cloud system architectures, hosting environments, and shared responsibility models
Identify and document cloud assets, services, and dependencies within authorization boundaries
Assist in identifying information types processed, stored, or transmitted within cloud environments, including PII
Support system security categorization by providing architectural input for confidentiality, integrity, and availability determinations
Assist with continuous cloud asset discovery using automated scanning tools to maintain accurate system boundaries
Support selection of cloud-specific security and privacy controls using DOJ Cybersecurity Standard 0904 and NIST SP 800-53
Map cloud services, components, and architectures to applicable NIST and FedRAMP control requirements
Support control tailoring decisions based on cloud service models, deployment patterns, and risk tolerance
Assist in defining control inheritance models from cloud service providers (CSPs) and shared responsibility matrices
Provide architectural input to the System Security and Privacy Plan (SSPP) and Requirements Traceability Matrix (RTM)
Provide architectural guidance for implementation of security controls within cloud environments
Ensure secure design and implementation of:
Network segmentation and firewalls (e.g., AWS native firewall services)
Connectivity solutions (AWS Direct Connect, AWS Outposts)
Reverse proxies and ingress/egress controls
Support implementation of encryption in transit and at rest, including SSL/TLS and key management services
Assist with integration of DevSecOps pipelines and infrastructure-as-code to enforce and verify cloud security controls
Validate alignment between documented controls and 'as-implemented' cloud configurations
Support security and privacy control assessments by providing architectural explanations and technical evidence
Assist in collection and analysis of cloud security evidence using:
SIEM tools (e.g., Splunk)
AWS GuardDuty, Security Hub, and Amazon Inspector
Interpret compliance dashboards, alerts, and metrics to identify security gaps or misconfigurations
Support remediation planning for cloud-related findings and POA&M development
Support development of authorization packages by providing cloud architecture documentation and risk inputs
Assist in evaluating cloud-specific risks and residual risk impacts
Support AO briefings by explaining cloud architectures, inherited controls, and shared responsibility considerations
Provide technical input for risk response strategies related to cloud services and deployments
Design and support continuous monitoring architecture for cloud systems
Implement and maintain automated monitoring solutions to:
Scan cloud accounts and VPCs
Collect FedRAMP-specific control evidence
Store artifacts in centralized repositories
Support AI-enabled compliance automation to identify unmet FedRAMP and RMF requirements
Assist with ongoing assessments and security posture reporting for cloud systems
Support assessment of cloud service providers to ensure valid FedRAMP authorization (JAB or Agency-authorized)
Review and validate FedRAMP security packages for SaaS, PaaS, and IaaS offerings
Assist in documenting control inheritance and CSP responsibilities
Support DOJ CIO approval processes for Agency-sponsored FedRAMP authorizations when required
Ensure all cloud architecture documentation complies with DOJ, NIST, FedRAMP, and FISMA requirements
Maintain accurate cloud architecture artifacts within JCAM
Collaborate with Lead and Senior ATO SMEs, Cloud Security Engineers, and system owners
Support audits, inspections, and government reviews by providing technical cloud architecture expertise

Qualification

Public Trust clearanceCloud security solutionsNetworking expertiseContinuous MonitoringAWS Security ServicesData EncryptionVulnerability IdentificationAI-Enabled Compliance AutomationSIEM toolsAWS GuardDutySecurity HubAmazon Inspector

Required

Active Public Trust clearance
M.S. degree in Computer Science, Information Technology, or a related field
10 years of experience in cloud and cloud security solutions in federal government systems
Strong knowledge of networking, with a focus on AWS native firewall, AWS Direct Connect, AWS Outposts network configuration, reverse proxy configurations, and related automation
Proven ability to design and implement continuous monitoring solutions for cloud systems and applications
Capability to design AI-powered tools that can scan all cloud accounts and VPCs, collect FedRAMP-specific responses, store them in a centralized repository for ConMon, and analyze them to identify unmet requirements
Strong experience in accessing, reviewing, and interpreting reports and alerts generated by SIEM tools such as Splunk
Proficient in reviewing and analyzing reports from AWS GuardDuty, Security Hub, and Amazon Inspector, including interpreting compliance and non-compliance metrics such as pie charts
In-depth understanding of end-to-end data encryption in transit and at rest, including SSL/TLS implementation
Ability to identify potential vulnerabilities, particularly those related to data or configuration tampering

Preferred

Prior Department of Justice (DOJ) and/or Bureau of Prisons (BOP) experience and domain knowledge

Company

cFocus Software Incorporated

twittertwitter
company-logo
cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.
dateFounded in 2006
location
Largo, Florida, USA
people-size11-50 employees
web-link
https://cfocussoftware.com/

Funding

Current Stage
Early Stage

Leadership Team

leader-logo
Manisha Griesinger, MPH, MSc
Program Manager | U.S. EPA Office of the Chief Financial Officer
linkedin
Company data provided by crunchbase