Requires US Citizenship Yes
Employment Term and Type: Regular, Full Time
Required Security Clearance: (Minimum for hire) TS/SCI
Required Education:  (Minimum for hire)  Bachelor's Degree in Engineering or engineering discipline; Computer science or IT discipline; Technical discipline
Salary Band: $170K- $185K

Job Description:
Provide comprehensive Risk Management Framework (RMF) support for a new emerging cloud environment designed for classified systems, ensuring hosted capabilities achieve and maintain Authorization to Operate (ATO) and Authorization to Proceed (ATP) in accordance with DoD, DON, and NIST cybersecurity requirements. Deliver expert support across the RMF lifecycle, including system categorization, security control selection, tailoring, and development of required documentation. Support assessment readiness, continuous monitoring, and security engineering activities necessary to sustain secure operations. Coordinate with Navy and DoD cybersecurity stakeholders to ensure alignment with enterprise policies and cloud security requirements. Ensure all RMF activities comply with CNSSI 1253, NIST SP 800‑53/53A, DoDI 8510.01, DON CIO policy, and DoD cloud/enterprise control inheritance frameworks. Support documentation, assessment preparation, and ongoing authorization efforts for assigned classified cloud systems. This position plays a critical role in maintaining compliance, strengthening cybersecurity posture, and enabling the secure modernization of emerging cloud‑based classified capabilities.


Primary Duties and Responsibilities:
 • Execute the full Risk Management Framework (RMF) lifecycle for classified cloud‑hosted systems, including system categorization, control selection, tailoring, and authorization support.
• Develop, maintain, and update RMF documentation and artifacts, including System Security Plans (SSP), Security Assessment Plans (SAP), Plans of Action and Milestones (POA&M), system inventories, data flow diagrams, and other required documentation.
• Analyze vulnerability and compliance scan results (e.g., ACAS, STIGs, SCAP, MDE), validate findings, and coordinate remediation activities with system owners and engineering teams.
• Identify and document inherited security controls from cloud service providers and enterprise services, ensuring accurate representation within RMF packages in eMASS and Xacta.
• Support configuration and change management processes by conducting Security Impact Assessments (SIAs) and advising Configuration Control Boards (CCBs) on cybersecurity risks.
• Perform and support security control assessments in accordance with NIST SP 800‑53A, including evidence collection, validation, and coordination with Security Control Assessors (SCAs).
• Maintain accurate, up‑to‑date eMASS and Xacta records, including control implementation status, assessment evidence, and POA&M entries throughout the RMF lifecycle.
• Plan, coordinate, and execute continuous monitoring activities and Annual Security Reviews (ASRs), including risk reporting and remediation tracking.
• Support incident response and contingency planning activities, ensuring procedures remain current and aligned with Navy cybersecurity requirements.
• Participate in cybersecurity governance forums, Cybersecurity Status Reviews (CSRs), Security Working Groups (SWGs), and CCBs, to communicate system risk posture.
• Support system modernization initiatives and cloud capability enhancements by performing security impact analyses and updating RMF documentation.
• Ensure compliance with DoD, DON, and NIST security policies, including CNSSI 1253, DoDI 8510.01, and DON CIO guidance.
• Provide clear, timely communication of cybersecurity risks, posture, and authorization status to stakeholders and leadership.

Required Qualifications:
• Minimum of five (5) years of RMF, cybersecurity compliance, or system authorization experience.
• At least two (2) years supporting RMF or cybersecurity activities for DoD cloud or classified system environments.
• Hands‑on experience with eMASS and Xacta for managing RMF packages and POA&M tracking.
• Active DoD 8570/8140 baseline certification (e.g., Security+ CE, CISSP, SSCP, or equivalent) required at time of hire.

Desired Qualification:
• Familiarity with NIST SP 800‑53 Rev. 5 and experience supporting Rev. 4 to Rev. 5 transition.
• Experience with vulnerability analysis and remediation using ACAS, STIG Viewer, SCAP, and Microsoft Defender for Endpoint.
• Knowledge of DoD/DON cybersecurity policies, including CNSSI 1253, DoDI 8510.01, and DON CIO policy.
• Experience with cloud security concepts such as control inheritance and shared responsibility models.
• Prior experience supporting security control assessments or coordination with SCAs.
• Familiarity with configuration management processes and CCB participation.
• Experience supporting continuous monitoring and Annual Security Reviews (ASRs).
• Strong analytical, documentation, and communication skills capable of briefing technical and non‑technical personnel.
• CISSP preferred.

Education Requirements: 

• Bachelor’s degree in engineering or engineering discipline; Computer science or IT discipline; Technical discipline

Security Clearance Requirements: 

• TS/SCI

Physical, Work Environment & Conditions:

• Typical office environment.
• Must be able to sit or stand at a workstation for extended periods.
• Occasional standing while working in server rooms or at patch panels.
• Must be able to lift and move moderately heavy equipment (e.g., routers, switches, servers) typically up to 30–50 pounds.
• Manual Dexterity required for connecting cables, configuring devices, and handling small tools or components.
• Must be able to view computer screens for long periods.
• Ability to distinguish color-coded documents, cabling, and indicator lights.
• Must be able to climb ladders or crawl in tight spaces for cable runs or equipment installation.
• May require walking between different buildings or workstations.
• Must be able to communicate clearly with technical teams and end-users.
• May need to hear alarms, server beeps, or equipment noises indicating issues

 
This position description is not intended as, nor should it be construed as, exhaustive of all responsibilities, skills, efforts or working conditions associated with this job. This and all positions are eligible for organization-wide transfer. Management reserves the right to assign or reassign duties and responsibilities at any time.
 
Company Overview: FGS, LLC is an international, leading-edge provider of technical services to include Secure Information Systems, Security and Engineering and Intelligence Analysis. Our turn-key solutions include design, engineering, deployment operations, and sustainment of secure technology and critical infrastructure for the protection and safety of our customers' mission-critical information, processes, and personnel. Demonstrating an unyielding commitment to our customers, superior trust and dedication with our partners, and leading-edge technical expertise over the past seven years, FGS has experienced explosive growth providing superior services throughout the world, from North America and the Pacific Rim to the Middle East and Europe.

FGS provides secure, leading-edge technology and process management services to military, government, and commercial clients worldwide.

FGS offers a generous compensation package including health, dental, vision, 401(k), group life insurance, educational reimbursement, among other benefits.

We value our employees and strive to offer many opportunities for professional growth.

#cjpost – Cloud Engineer
FGS, LLC is an Equal Opportunity Employer as to all protected groups, including protected veterans and individuals with disabilities