IA/Cyber/Cloud Admin
Concept Plus, LLC · Dayton, OH · 1 mo ago
RemoteRemoteInformation TechnologyFull-time
About the role
We are seeking an IA/Cyber/Cloud Administrator to support client IT systems development and operations. This role requires knowledge and understanding of client IT processes and technology stack, including DevSecOps CI/CD pipelines, Cloud One environments, Oracle-based systems, and Java application stacks. Client systems are deployed in both classified and unclassified DISA and cloud environments, requiring strict adherence to client cybersecurity, configuration, and compliance standards.
Responsibilities
- Administer and secure cloud environments, including client Cloud One, AWS, and hybrid infrastructures supporting REMIS
- Implement and maintain security controls across CI/CD pipelines, ensuring secure code integration, build, and deployment processes
- Support RMF (Risk Management Framework) activities, including control implementation, assessment support, and ATO sustainment
- Configure and maintain STIG-compliant systems, ensuring alignment with client hardening and configuration standards
- Integrate and manage automated security tools within DevSecOps pipelines (SAST, DAST, container scanning, dependency scanning)
- Maintain system security posture using continuous monitoring tools, log aggregation, and alerting platforms
- Conduct vulnerability assessments, remediation tracking, and security reporting
- CI/CD DevSecOps Integration: Implement security analysis tools (SAST, DAST, SCA) into CI/CD pipelines to identify vulnerabilities early.
- Cybersecurity Compliance (RMF): Ensure cloud systems meet Risk Management Framework (RMF) standards (NIST 800-53), including ATO (Authority to Operate) support and documentation.
- Vulnerability Management: Perform automated cybersecurity testing and manage STIG compliance, conducting scan evaluations using ACAS (Assured Compliance Assessment Solution).
- Automation: Develop and maintain automation scripts for patching, configuration management, and evidence collection to support continuous authorization.
- Cloud Infrastructure Admin: Provision, configure, and maintain client cloud infrastructure (AWS GovCloud, Azure Government, IL2-IL6) using Infrastructure as Code (IaC) tools like Terraform or CloudFormation.
- Maintain secure configurations for cloud, virtualized, and hybrid environments, ensuring availability and resilience
- Collaborate with development, DevSecOps, and cloud engineering teams to embed security into system design and deployment workflows
- Maintain documentation including security plans, SSPs, POA&Ms, and configuration baselines
- Support incident response activities, including investigation, containment, and corrective action implementation
- Collaborate with agile software teams to remediate application risks.
- Manage Cloud Service Provider (CSP) security tools (AWS Security Hub, Azure Defender).
- Troubleshoot cloud-based application performance and security issues.
- Apply security patches and manage IAVAs (Information Assurance Vulnerability Alerts).
Requirements
- Secret – Fully Cleared Only, must confirm clearance is active
- Client 8140 intermediate certification or client 8570 IAM Level II certifications or higher
- US Citizens Only
- Bachelor’s degree in IT, Engineering, Computer Science, or a related field; master’s degree preferred.
- 5-7 years in Cloud Engineering/Admin or Cybersecurity.
- Experience with cloud platforms (Cloud One, AWS, Azure Government)
- Experience securing CI/CD pipelines and DevSecOps environments
- Experience with Kubernetes/Docker containerization, CI/CD tools (Jenkins, GitLab CI), AWS/Azure Services, and IaC (Terraform).
- Familiarity with client cybersecurity mandates (RMF, STIGs).
- Familiarity with container security (Docker, Kubernetes security practices)
- Experience with vulnerability scanning and security tools (e.g., Nessus, Fortify, SonarQube, Anchore)
Qualifications
- DoD 8570/8140 compliance (e.g., CISSP, Security+ CE, CASP+ CE).
- Experience supporting Air Force maintenance/logistics platforms
- Familiarity with Platform One / DoD software factory ecosystem
Skills
- Knowledge of client IT processes and technology stack, including DevSecOps CI/CD pipelines, Cloud One environments, Oracle-based systems, and Java application stacks.
- Experience with cloud platforms (Cloud One, AWS, Azure Government).
- Experience securing CI/CD pipelines and DevSecOps environments.
- Experience with Kubernetes/Docker containerization, CI/CD tools (Jenkins, GitLab CI), AWS/Azure Services, and IaC (Terraform).
- Familiarity with client cybersecurity mandates (RMF, STIGs).
- Familiarity with container security (Docker, Kubernetes security practices).
- Experience with vulnerability scanning and security tools (e.g., Nessus, Fortify, SonarQube, Anchore).
Benefits
- Competitive pay
- Comprehensive health, dental, and vision insurance
- Paid life insurance
- Paid time off
- 11 paid holidays
- Performance bonuses
- Tuition reimbursement
- Unlimited training
- The opportunity to thrive in a collaborative, flexible, and innovative environment