Cloud Security Architect

Job Description: LS Technologies, a Tetra Tech Company is seeking a highly skilled Cloud Security Architect. This role will provide advanced technical leadership in the design, implementation, and oversight of secure cloud-based systems and architectures supporting FAA mission-critical applications. The candidate will apply deep expertise in cloud security engineering, system integration, and cybersecurity frameworks to ensure compliance with federal regulations and alignment with FAA enterprise architecture standards. The Systems Engineer will work closely with cross-functional teams to ensure the stability, scalability, and security of systems deployed on AWS, while adhering to FAA regulations and best practices. Responsibilities: Apply senior-level engineering knowledge to analyze and solve engineering, scientific, or management problems. Serve as the lead Cloud Security Architect, designing and implementing secure architectures for multi-cloud and hybrid environments supporting FAA systems. Define and document cloud security reference architectures, patterns, and standards consistent with NIST, FedRAMP, DHS CDM, and FAA-specific security requirements. Develop, track, and manage Plans of Action and Milestones (POA&Ms) to ensure timely remediation of security findings. Perform and support of IRAT (Information Risk Assessment Tool) testing, validation, and reporting for FAA systems. Prepare, review, and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and continuous monitoring deliverables. Conduct system engineering analyses to identify risks, vulnerabilities, and mitigation strategies for cloud-based solutions. Support the development of security controls, continuous monitoring strategies, and compliance documentation for FAA cloud systems. Collaborate with cross-functional engineering, cybersecurity, and operations teams to ensure seamless integration of security into all phases of the system lifecycle. Lead technical reviews, risk assessments, and trade-off analyses to inform FAA cloud adoption and modernization initiatives. Provide subject matter expertise on Identity and Access Management (IAM), Zero Trust Architecture, data encryption, container security, and secure DevSecOps practices. Mentor and guide junior engineers, ensuring knowledge transfer and capability development within FAA technical teams. Interface with FAA leadership and external stakeholders to present cloud security strategies, risks, and mitigation plans. Required Qualifications: 10+ years of progressive systems engineering experience, including at least 5 years focused on cloud security architecture and engineering. Strong knowledge of NIST risk management framework, FedRAMP, FISMA, Zero Trust, and federal cybersecurity standards. Demonstrated experience with AWS, Azure, or GCP cloud environments, including security design and compliance. Hands-on experience with POA&M management, IRAT Testing, and development of security documentation. Expertise with IAM, PKI, data protection, logging/monitoring, and cloud-native security services. Hands-on experience with DevSecOps, CI/CD pipelines, and container/orchestration security (Docker, Kubernetes, OpenShift). Familiarity with vulnerability management tools (e.g., Tenable, Qualys), SIEM solutions (e.g., Splunk, ELK), and endpoint/cloud security platforms. Strong analytical, communication, and documentation skills, with proven ability to interact with senior government stakeholders. Education: Bachelor's degree in Computer Science, Information Systems, Engineering, or related field (Master's degree preferred). Technical Skills: AWS Cloud Services - Expertise in AWS infrastructure, security, and automation services. Scripting & Automation - Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation tasks. Operating Systems - Experience with Linux and Windows operating systems. Virtualization & Containerization - Knowledge of container platforms like Docker and Kubernetes. Networking - Understanding of cloud networking concepts such as VPC, subnets, load balancing, and VPN configurations. CI/CD & DevOps - Familiarity with CI/CD pipelines and DevOps tools such as Jenkins, Git, or AWS CodePipeline. Zero Trust and Cybersecurity - Knowledge of Zscaler platform Preferred: Cybersecurity Leadership / General: CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) Cloud-Specific Security: CCSP (Certified Cloud Security Professional) AWS Certified Security - Specialty Microsoft Certified: Azure Security Engineer Associate Google Professional Cloud Security Engineer Work Requirements: Work location: USA Position is: Completely remote Work Hours: 9-5 Travel: 10% Physical requirements: Extended Computer Use: Regular and prolonged periods of working at a computer terminal. Mobility: Ability to move around the office environment to access computer hardware, networking equipment, and server rooms. Dexterity: Manual dexterity and visual acuity to operate computer equipment, troubleshoot issues, and perform tasks requiring precision. Sitting/Standing: Both prolonged sitting and occasional standing may be required for troubleshooting and attending to system issues. Background check: Must have ability to obtain and maintain a Public Trust. About LS TechnologiesAt LS Technologies, a Tetra Tech Company, we're enhancing our nation's critical infrastructure by providing engineering, technical, and professional services to Federal Government agencies. The quality of our work, deep technical expertise, and genuine passion for public service sets us apart. As a growing organization we are expanding our benefits and communication with our employees, offering add-ons that speak to our growing employees' needs. Join us in delivering high-quality solutions and shaping the future of safety and innovation for our government partners. In 2024 we joined Tetra Tech, enabling us to combine our expertise with the reach and resources of a prestigious global organization. EEO Commitment LS Technologies, a Tetra Tech Company, is proud to be an Equal Opportunity Employer. All qualified candidates will be considered without regard to race, color, religion, national origin, age, disability, sex, marital or familial status, status as a protected veteran, or any other characteristic protected by law. Tetra Tech is a VEVRAA federal contractor, and we request priority referral of veterans.We invite applications from all interested parties. Requesting an Accommodation LS Technologies is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by LS Technologies and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.If you would like to be considered for employment opportunities with LS Technologies and have accommodation needs for a disability or religious observance, please send us an email hr@lstechllc.com or speak with your recruiter. Compensation (Pay Bands) Salary at LST is determined by a wide array of factors, such as (but not limited to) education, certifications, knowledge, skills, competencies, and experience, location, and clearance level, as well as contract-specific affordability and organizational requirements and applicable employment laws. Please note that the salary information is a general guideline only. The projected compensation range for this position is provided within the posting and is based on full-time, 40 hour/week status. Part-time staff receive compensation at an hourly rate. The estimated minimum and maximum displayed represents the broadest range for this position (inclusive of high geographic and high clearance requirements) and is just one component of LSTs total compensation package for employees. ** In compliance with local laws, LS Technologies presents this reasonable compensation range as a guideline for roles in California, Colorado, New York, or Washington D.C."Benefits offered to all employees who work 30+ hours per week: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Annual Leave, and Holidays. Life at Tetra Tech: The perks of working at Tetra Tech include: Comprehensive and market-competitive benefits. Merit-based financial rewards. Flexibility and company-wide commitment to work/life balance. Collaborative team atmosphere that values the contributions of all employees. Learning and development opportunities for ongoing professional growth. About Tetra Tech:Tetra Tech is the leader in water, environment, and sustainable infrastructure, providing high-end consulting and engineering services for projects worldwide. With 30,000 employees working together, Tetra Tech provides clear solutions to complex problems by Leading with Science® to address the entire water cycle, protect and restore the environment, design sustainable and resilient infrastructure, and support the clean energy transition. Explore our open positions at https://www.tetratech.com/careers. Follow us on social media to learn more about our people, culture, and opportunities:LinkedIn: TetraTechCareers; X (Twitter): @TetraTechJobs Additional Information Organization: 230 LST