Cloud Security & Authorization Technical Analyst
Job description
The Cloud Security & Authorization Technical Analyst provides deep technical expertise in securing, engineering, and independently assessing federal cloud environments. This role blends hands-on cloud security engineering with Assessment & Authorization (A&A), Independent Verification & Validation (IV&V), and third-party assessment support to ensure cloud platforms meet federal security, risk, and compliance requirements.
This position serves as a technical authority supporting FedRAMP-based cloud authorizations, agency-specific control implementations, and independent assessments while advising government stakeholders on secure cloud architecture and risk posture.
- Provide technical cloud security leadership for Assessment & Authorization (A&A) activities across IaaS, PaaS, and SaaS cloud environments aligned to NIST RMF and FedRAMP.
- Perform detailed technical reviews of cloud architectures, configurations, and security control implementations to validate compliance with NIST SP 800-53 and agency security requirements.
- Support and execute independent assessment or IV&V activities, including readiness reviews, control validation, and Security Assessment Report (SAR) development.
- Analyze Cloud Service Provider (CSP) FedRAMP packages (P-ATO) and advise on agency-specific control inheritance, shared responsibility models, and residual risk.
- Develop and review RMF artifacts including SSPs, control implementation matrices, SARs, POA&Ms, risk acceptance documentation, contingency plans, BIAs, PIAs, and ISAs.
- Conduct interviews and technical walkthroughs with system engineers, ISSOs, CSPs, and service providers to validate control implementation effectiveness.
- Support third-party assessment (3PAO) coordination and provide technical quality assurance of assessment deliverables.
- Advise stakeholders on secure cloud design, compensating controls, and remediation strategies to address identified risks.
- Support IT audit and IV&V activities related to cloud security controls, evidence validation, and findings remediation.
- Contribute to cloud security standards, SOPs, and reusable authorization patterns to improve efficiency and consistency.
Requirements
- Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse. Candidates who hold an ACTIVE PUBLIC TRUST or SUITABILITY and maintain an active HHS/NIH clearance are preferred.
- Minimum of TWO (2) years of experience securing and engineering cloud platforms in federal or regulated environments.
- Demonstrated expertise implementing and validating cloud security controls aligned to NIST RMF and FedRAMP.
- Hands-on experience reviewing or performing independent assessments, IV&V, or third-party security assessments.
- Deep understanding of shared responsibility models, control inheritance, and cloud risk management.
- Experience developing and reviewing RMF documentation and SARs.
- Ability to translate complex cloud engineering concepts into clear risk and compliance narratives.
- Strong collaboration skills across engineering, security, compliance, and government teams.
What Would Be Nice To Have:
- Experience with AWS, Azure, or GCP cloud security architectures in FedRAMP-authorized environments.
- Prior experience supporting or acting as a 3PAO, IV&V team member, or independent assessor.
- CISSP, CCSP, AWS/Azure Security Specialty, or similar certification.
- Experience assessing CI/CD pipelines, IaC, containerized environments, or Zero Trust architectures.
- Experience supporting high-impact or financial systems within federal agencies.
- Familiarity with ServiceNow, eCase, or automated GRC platforms.
Benefits & conditions
The annual salary range for this position is $85,000.00-$141,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
- Medical, Rx, Dental & Vision Insurance
- Personal and Family Sick Time & Company Paid Holidays
- Position may be eligible for a discretionary variable incentive bonus
- Parental Leave and Adoption Assistance
- 401(k) Retirement Plan
- Basic Life & Supplemental Life
- Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
- Short-Term & Long-Term Disability
- Student Loan PayDown
- Tuition Reimbursement, Personal Development & Learning Opportunities
- Skills Development & Certifications
- Employee Referral Program
- Corporate Sponsored Events & Community Outreach
- Emergency Back-Up Childcare Program
- Mobility Stipend
About Guidehouse
Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.