landing_page-logo
H

Cloud Security Compliance Engineer

Hoplite Solutions LLCFort Meade, MD
Apply with Sonara

Automate your job search with Sonara.

Submit 10x as many applications with less effort than one manual application.1

Reclaim your time by letting our AI handle the grunt work of job searching.

We continuously scan millions of openings to find your top matches.

pay-wall

Job Description

Hoplite Solution is seeking a highly skilled Cloud Security Compliance Engineer with hands-on experience obtaining Authority to Operate (ATO) for AWS cloud-based workloads. The ideal candidate will be well-versed in federal compliance frameworks such as NIST RMF and NIST SP 800-53 and capable of automating compliance processes within AWS environments. You will play a key role in authoring security documentation, integrating security tools, and supporting the automation of governance activities across complex cloud architectures.

Key Responsibilities:

  • Lead or support efforts to obtain and maintain ATOs for AWS-based systems.

  • Implement and manage compliance automation tools and AWS governance services such as AWS Config.

  • Develop and maintain Body of Evidence (BoE) documentation including:

    • Security control implementation statements

    • System Security Plans (SSPs)

    • Test plans and procedures

    • Architecture diagrams

  • Integrate AWS monitoring and auditing services (e.g., CloudWatch, CloudTrail) into GRC platforms.

  • Build and configure STIG-compliant AWS resources, including hardened Amazon Machine Images (AMIs).

  • Automate security-related processes using scripting languages (e.g., Python).

  • Collaborate with engineering, DevOps, and security teams to ensure systems meet federal and organizational compliance requirements.

Required Qualifications:

  • Proven experience obtaining ATO for AWS cloud-based systems.

    Active Poly

  • Strong knowledge of federal security frameworks such as:

    • NIST Risk Management Framework (RMF)

    • NIST SP 800-53

  • Experience with AWS-native compliance/governance services (e.g., AWS Config, AWS Organizations).

  • Demonstrated experience authoring ATO-related documentation.

  • Proficiency in integrating AWS log data (CloudTrail, CloudWatch) into GRC tools.

  • Experience automating security tasks using Python.

Desired Qualifications:

  • Familiarity with customer-specific security practices (e.g., STE, STN).

  • Experience with STIG implementation and building hardened cloud images.

  • Relevant certifications such as:

    • AWS Certified Security – Specialty

    • CISSP, CAP, or similar

  • Experience working in federal or highly regulated environments.

Powered by JazzHR

Automate your job search with Sonara.

Submit 10x as many applications with less effort than one manual application.

Apply with SonaraApply manually
pay-wall