United States onlyLocation: Remote, USA
Clearance Required: DoD Secret Clearance
Position Type: Full-Time
About the company:
At VivSoft, we aim to solve complex federal problems using emerging and open technologies in a collaborative and rewarding environment. VivSoft is a diverse team of strategists, engineers, designers, and creators experienced in building high-performance, effective software, with a focus on impactful organisational design and software delivery dynamics. We build secure Software Factories based on DoD reference designs and NIST Frameworks for Cloud and DevSecOps. These factories deliver AI/ML Applications, Data Science Platforms, Blockchain and Microservices for DoD, Healthcare and Civilian Agencies
Job Summary:
The Cybersecurity Cloud Subject Matter Expert (SME) is responsible for ensuring the secure architecture, design, and deployment of Department of Defense (DoD) cloud‑hosted IT systems. This role provides expert guidance to ensure systems comply with DoD cybersecurity requirements, Risk Management Framework (RMF), and FedRAMP standards. The SME supports programs throughout the Authorization to Operate (ATO) lifecycle, enhances cloud security posture, and provides technical leadership for cybersecurity assessments within enterprise and compartmented cloud environments.
Key Responsibilities:
- Design, review, and validate secure cloud architectures for DoD IT systems hosted in OCI, AWS, Azure, or equivalent platforms.
- Ensure cloud‑hosted systems meet DoD cybersecurity, RMF, and FedRAMP compliance requirements.
- Support the full ATO lifecycle, including SSP development, security control implementation, POA&M management, and coordination with Authorizing Officials.
- Review cloud security policies, standards, and procedures; provide recommendations to improve security posture.
- Apply current knowledge of cloud security threats, vulnerabilities, and engineering best practices to mitigate risk.
- Provide cybersecurity guidance throughout system and application deployment lifecycles.
- Advise and support assessment teams conducting Cybersecurity Vulnerability Assessments (CVAs) for cloud environments.
- Support continuous monitoring, detection, incident response, and reporting for cloud‑hosted systems.
- Collaborate with program managers, engineers, and security teams to integrate cybersecurity requirements across enterprise DoD IT environments.
Skills and Qualifications Required:
- Must possess an active DoD secret clearance
- Minimum 2 years of experience achieving ATOs in cloud environments (OCI, AWS, Azure, or similar).
- Minimum 5 years of experience supporting and achieving ATOs for DoD compartmented IT systems.
- Demonstrated experience applying FedRAMP assessment methodology to cloud‑hosted systems.
- Hands‑on experience working with Oracle Cloud Infrastructure (OCI).
- Experience supporting enterprise‑level DoD IT systems.
- Experience supporting systems through the full RMF lifecycle, including continuous monitoring.
- Knowledge of modern cloud security threats and defensive strategies
- Strong written and verbal communication skills to advise technical and non‑technical stakeholders
Certifications Required:
- At least one cloud certification (OCI, AWS, Azure, or equivalent)
Benefits:
- Comprehensive Medical, Dental, and Vision Plans (Healthcare benefits are 100% employer-paid for employees only)
- Life Insurance
- Paid Time Off (Flexible/Combined PTO, Bereavement Leave, 11 Company Paid Holidays)
- 401K Retirement Plan with employer match
- Professional Development Training Reimbursement
CA and US only