Senior Government Cloud Compliance Architect
Emerson · Eden Prairie, MN · 1 wk ago
HybridLegal$120k–$150k/yrFull-time
About the role
You will serve as the primary architectural advisor for business units during initial requirements gathering and system design phases, while also maintaining technical documentation that demonstrates system compliance for defined systems. The Senior Government Cloud Compliance Architect is responsible for designing infrastructure environments within Azure Government GCC High that comply with government requirements for protecting Controlled Unclassified Information (CUI).
Responsibilities
- Architectural Strategy & Design
Lead the design and "blueprinting" of Azure GCC High environments tailored for DIB contractors.
Develop system architectures that integrate Azure components (AVDs, Entra ID, Sentinel, etc.) in accordance with CMMC Level 2 practices.
Produce high-level design specifications for engineering teams to execute. - Client Engagement & Scoping
Serve as the lead consultant for Emerson business units to define system boundaries and CUI flow.
Translate complex NIST 800-171 security controls into understandable business requirements for client stakeholders.
Identify and document requirements for software and on-premises equipment that are deployed in Government cloud environments. - Control Mapping & Responsibility Matrices
Develop and maintain Cloud Responsibility Matrices (CRM) to clearly delineate inherited controls, shared controls, and customer-specific responsibilities.
Validate that technical designs satisfy the specific objectives of the NIST 800-171A and the DoD CMMC Assessment Guide.
Perform focused monitoring of controls strictly within the Azure Government cloud system to ensure design integrity over time. - Support root-cause analysis efforts where technical architecture may impact compliance posture or control effectiveness.
Partner with infrastructure engineering teams to resolve systemic compliance or platform design deficiencies.
Provide Tier 3 escalation support for issues determined to be architectural, structural, or compliance-design related. - Technical Implementation Leadership
Act as the primary point of contact for engineers during the build-out phase, ensuring the final product matches the compliant design.
Conduct pre-assessment reviews of technical configurations for cloud components to ensure they are assessment or audit ready.
Coordinate with the GRC department to transition designed environments into their long-term continuous monitoring programs.
Qualifications
- 4+ years in IT Security, Cloud Architecture, or compliance with at least 3 years focused on NIST/CMMC compliance.
- Expert-level understanding of NIST 800-171 and DFARS 252.204-7012.
- Prior experience working with defense contractors or government information systems with an understanding of the unique challenges of CUI protection.
- Understanding of Azure GCC-high systems.
- Proven ability to manage complex Customer Responsibility Matrices and shared-security models.
Preferred Qualifications
- Certified CMMC Professional (CCP), or Certified CMMC Assessor (CCA).
- Professional cybersecurity certifications (Sec+, CC, etc.).
- CMMC Registered Practitioner (RP) within 6 months of hire.
- Microsoft AZ-900 course completion within 6 months of hire.
- Azure certifications.