Information Assurance Engineer - Cloud One

- Provide Risk Management Framework (RMF) engineering and cybersecurity assistance for the USAF Cloud One enterprise cloud environment that supports AWS, Azure, Oracle, and GCP at DoD Impact Levels (IL) 2–6. - Develop, revise, and sustain RMF authorization artifacts adhering to DoDI 8510.01 and NIST SP 800-53. - Supply RMF-required documentation and artifacts to Government ISSO/ISSM for Assessment & Authorization (A&A) processes. - Maintain updated System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Plan of Action & Milestones (POA&Ms), and related documents. - Assist in the transition of security control baselines from NIST SP 800-53 Rev 4 to Rev 5, which includes control re-mapping, gap analysis, control implementation updates, and SSP/POA&M artifact adjustments within DoD RMF protocols. - Support Continuous Authorization to Operate (cATO) in a DevSecOps or cloud-focused environment, featuring automated control validation, continuous monitoring, and immediate POA&M management. - Engage in ATO maintenance and ongoing support for C1 and DPaaS environments. - Assist in tracking Authority to Use (ATU) conditions and remediation as directed by the AO. - Collaborate with Government ISSO/ISSM to uphold compliance with DoDI 8500.01 (Cybersecurity), DoDI 8510.01 (RMF), AFI 17-101 (RMF), DoD Cloud Computing SRG, DISA STIG/SRG, and CNSSI 1253. - Facilitate security control evaluations, audit preparedness, and third-party cybersecurity inspections. - Ensure compliance with audit log configuration, monitoring, and retention. - Support incident documentation and reporting per DFARS 252.204-7012 and 252.239-7010. - Guarantee adherence to SCCA and Cloud SRG stipulations. - Oversee secure configurations of AWS, Azure, Oracle, and GCP cloud platforms.