Job Description

Federal Hill Consulting has partnered with a financial regulatory organization to identify a Cloud Security Specialist for a role in Washington, DC.

The Cloud Security Specialist is responsible for establishing guidance and monitoring the security of the cloud infrastructure. The Security Specialist must have knowledge of every aspect of information security within the cloud services. They ensure that the development and implementation of security requirements and security practices are incorporated throughout the system lifecycle and maintenance of solutions, applications, and products to minimize risk.

Essential Functions

  • Participate on a team providing expert analysis of cloud cybersecurity architecture, compliance with Federal regulation and policy, and commercial best practices relating to cloud security.
  • Review, analyze, discuss, and evaluate the implementation of security controls in multiple information system environments, including dynamic cloud services (IaaS, PaaS, and SaaS).
  • Evaluate the performance of ongoing security maintenance, for example, continuous monitoring (ConMon) or continuous diagnostics and mitigation (CDM). Assess the ability of the service provider to maintain an acceptable security posture/risk threshold on a monthly basis.
  • Analyze risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and cyber protection (security architecture) requirements as they relate to the ongoing security risk posture of the system.
  • Manage and monitor Cloud Security and Compliance services
  • Troubleshoot and resolve security issues with cloud service offerings.
  • Monitor and communicate to stakeholders the performance of the security services.
  • Ensure the security service delivery meets the business requirements.
  • Assist with the creation of policies around the proper use of Cloud Security and Compliance services.
  • Collaborate with other IT staff to facilitate effective issue resolution.
  • Design processes and procedures for public, private, and hybrid cloud integration
  • Analyze security requirements for cloud implementation and integration

Additional Technical Skills

  • Must have knowledge of cloud solution principles and technologies.
  • Experience in public cloud environment (Azure, O365 and AWS)
  • Knowledge of IT security solutions (Cloud Access Security Broker, Data Leakage Prevention, Multi-Factor Authentication, Data Rights Management, etc.)
  • Cloud security concepts and protection. Experience with AWS Security and IDM is a huge plus.

Key Characteristics:

  • Ability to multitask using time management skills such as prioritizing/organizing and tracking details and meeting deadlines of multiple projects with varying completion dates.
  • Self-motivated and able to work in a fast-paced and constantly changing environment.
  • Capability to work as an effective member of a cross-functional team.
  • Knowledge of common application vulnerabilities, current threat vectors and mitigations.
  • Participate in the enterprise Incident Response Plan and participate in incident response activities.
  • Ability to work in a team environment. Effective at working with matrix teams across the organizational structure.
  • Ability to work with external service providers.
  • Strong interpersonal and communication skills.

Additional Responsibilities:

  • Monitor industry trends for changes in physical and cyber security challenges and implement planning, policy and procedure changes in response.
  • Contribute to industry and government forums that develop industry guidance and regulations regarding security practices.

Minimum Qualifications

  • Bachelor’s degree or equivalent experience in an information technology or information security discipline
  • Certifications: CISSP, GIAC, CCSP or equivalent certification desired. Any cloud certifications a plus.
  • 3+ years of information security experience.
  • 2+ years of cloud security compliance experience.

Additional Experience:

  • Experience with security controls for Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) cloud paradigms.


  • Must be a United States Citizen and able to obtain or currently possess a U.S. Government clearance at the Public Trust Moderate (MBI) level or higher
  • Must be a United States Citizen or a Legal Permanent Resident (LPR) with at least three (3) years of consecutive residence in the United States as indicated on the United States Citizenship and Immigration Services (USCIS) LPR issued card
