Guidehouse
Cyber Consulting
CloudSecurity&AuthorizationTechnicalAnalyst
Neural analysis suggests this role is
optimal for Mid candidates.
“Cloud Security & Authorization Technical Analyst at Guidehouse. Skills: Cloud security, Assessment & Authorization, NIST RMF, FedRAMP. Provide technical cloud security leadership. Perform detailed technical reviews”
Industry & Context.
Remediation strategies
Ability to Obtain Public Trust, Travel Required: Up to 10%, Candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding
What They're Looking For.
Must Have
Ability to Obtain Public Trust, Minimum of TWO (2) years experience securing and engineering cloud platforms in federal or regulated environments, Demonstrated expertise implementing and validating cloud security controls aligned to NIST RMF and FedRAMP, Hands on experience reviewing or performing independent assessments, IV&V, or third party security assessments, Deep understanding of shared responsibility models, control inheritance, and cloud risk management, Experience developing and reviewing RMF documentation and SARs, Ability to translate complex cloud engineering concepts into clear risk and compliance narratives
Nice to Have
ACTIVE PUBLIC TRUST or SUITABILITY and maintain an active HHS/NIH clearance, Experience with AWS, Azure, or GCP cloud security architectures in FedRAMP authorized environments, Prior experience supporting or acting as a 3PAO, IV&V team member, or independent assessor, CISSP, CCSP, AWS/Azure Security Specialty, or similar certification, Experience assessing CI/CD pipelines, IaC, containerized environments, or Zero Trust architectures, Experience supporting high impact or financial systems within federal agencies, Familiarity with ServiceNow, eCase, or automated GRC platforms
What You'll Do.
Provide technical cloud security leadership
Perform detailed technical reviews
Support and execute independent assessment
Analyze Cloud Service Provider (CSP) FedRAMP packages
Develop and review RMF artifacts
Conduct interviews and technical walkthroughs
Support third party assessment coordination
Advise stakeholders on secure cloud design
Support IT audit and IV&V activities
Contribute to cloud security standards
How You'll Work.
Team & Collaboration
collaboration skills across engineering, security, compliance, and government teams
Communication Scope
Ability to translate complex cloud engineering concepts into clear risk and compliance narratives
Full Job Description
**_Job Family_ :** Cyber Consulting ** _Travel Required_ :** Up to 10% **_Clearance Required_ :** Ability to Obtain Public Trust _**What You Will Do:**_ The Cloud Security & Authorization Technical Analyst provides deep technical expertise in securing, engineering, and independently assessing federal cloud environments. This role blends hands on cloud security engineering with Assessment & Authorization (A&A), Independent Verification & Validation (IV&V), and third party assessment support to ensure cloud platforms meet federal security, risk, and compliance requirements. This position serves as a technical authority supporting FedRAMP based cloud authorizations, agency specific control implementations, and independent assessments while advising government stakeholders on secure cloud architecture and risk posture. **Key Responsibilities** * Provide technical cloud security leadership for Assessment & Authorization (A&A) activities across IaaS, PaaS, and SaaS cloud environments aligned to NIST RMF and FedRAMP. * Perform detailed technical reviews of cloud architectures, configurations, and security control implementations to validate compliance with NIST SP 800 53 and agency security requirements. * Support and execute independent assessment or IV&V activities, including readiness reviews, control validation, and Security Assessment Report (SAR) development. * Analyze Cloud Service Provider (CSP) FedRAMP packages (P ATO) and advise on agency specific control inheritance, shared responsibility models, and residual risk. * Develop and review RMF artifacts including SSPs, control implementation matrices, SARs, POA&Ms, risk acceptance documentation, contingency plans, BIAs, PIAs, and ISAs. * Conduct interviews and technical walkthroughs with system engineers, ISSOs, CSPs, and service providers to validate control implementation effectiveness. * Support third party assessment (3PAO) coordination and provide technical quality assurance of assessment deliverables. * Advise
Applying for this Cloud Security & Authorization Technical Analyst role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Guidehouse?
Real rants from real employees. Read before you apply.