Cloud Security Specialist

Futrend Technology is in search of a Cloud Security Specialist to enhance our security compliance team. This role is pivotal in protecting the IT infrastructure while collaborating closely with the customer's Information Systems Security Officer (ISSO). You will focus on implementing robust security controls and ensuring compliance with federal cybersecurity frameworks while facilitating secure cloud adoption across various platforms.

As part of a comprehensive IT program, you will contribute to ensuring the availability, integrity, and confidentiality of mission-critical systems. This position is based in Bethesda, MD and requires onsite presence 3 to 5 days/week.

Key Responsibilities

• Implement security controls and ensure compliant cloud environments on AWS, GCP, or Azure in alignment with FISMA, NIH policy, and federal security requirements.
• Design and support Cloud security services and control implementations, including Identity Access management, Privileged Access, Vulnerability management, Configuration compliance, encryption, and centralized security log management.
• Monitor cloud environments for security events and anomalies using SIEM (e.g., Splunk), conduct vulnerability assessments, track remediation efforts, and maintain dashboards with measurable metrics reflecting the overall security posture.
• Integrate and enhance enterprise security solutions such as Splunk and Tenable to improve continuous monitoring, event correlation, and compliance visibility across hybrid environments.
• Investigate security incidents and alerts, perform root-cause analyses, and execute remediation actions in accordance with NIH's established incident response plan.
• Conduct threat modeling and security assessments of cloud deployments to identify and mitigate vulnerabilities while developing security requirements for applications migrating from on-premise to cloud environments.
• Automate security and compliance checks using existing tools and scripting; explore emerging platforms, such as AI-based capabilities, to enhance coverage, visibility, and operational efficiency.
• Provide security guidance, best practices, and compliance support to developers, operations teams, and system owners, fostering security awareness.

Required Qualifications

• Proven experience securing cloud environments (AWS, GCP, or Azure), preferably within FISMA compliance frameworks.
• Strong working knowledge of cloud security practices including logging, tagging strategies, ephemeral resource tracking, and cross-platform operations.
• In-depth experience applying federal compliance frameworks including FISMA, NIST 800-53, FedRAMP, RMF, and associated system authorization processes (ATO, POA&M) to information systems.
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent practical experience in Cloud security).
• 5+ years of experience in information security, with at least 3 years focused on cloud security.
• Strong verbal and written communication skills, capable of producing clear security documentation and effectively conveying technical concepts to both technical and non-technical stakeholders.

Preferred Qualifications

• Hands-on experience with automation, security event correlation, asset inventory tracking, and SIEM management (preferably in SPLUNK), using scripting or programming languages such as PowerShell, Bash, Python, or comparable.
• Experience working in regulated federal environments with complex governance and compliance requirements; actively collaborating with multi-disciplinary teams managing servers, workstations, and security appliances.
• Certifications: CISSP (or ability to obtain within 6 months).

Desired Qualifications

• AWS/GCP/Azure Certified - Specialty certifications.
• Advanced experience in Linux and Windows administration.
• Exposure to container security practices (like Docker & Kubernetes).

PI610bec879e72-26289-40298863