Cloud Cybersecurity Artifact Collector
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: None
Type of Travel: None
The Opportunity:
The Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program is seeking a Cloud Cybersecurity Artifact Collector to support the United States Coast Guard (USCG) by assessing and verifying the security and compliance posture of cloud-hosted systems. This role will focus on auditing cybersecurity controls, validating compliance with federal frameworks (e.g., FedRAMP, NIST RMF, FISMA), and assisting in risk mitigation and governance activities across Azure and AWS environments.
This is a full-time, remote position. Candidates must reside within the United States. All collaboration and meetings are conducted virtually
Responsibilities:
Perform independent audits and assessments of cloud systems (e.g., Azure, AWS) to ensure alignment with DoD, DHS, and federal cybersecurity standards.
Evaluate security controls and cloud configurations against compliance frameworks including FedRAMP, NIST SP 800-53, STIGs, and Secure Cloud Computing Architecture (SCCA).
Analyze system security documentation such as SSPs, POA&Ms, incident response plans, and contingency plans to validate completeness and accuracy.
Conduct security control assessments (SCA), penetration testing reviews, and security impact analyses as part of continuous authorization and compliance validation processes.
Review and validate logging, alerting, and monitoring practices using tools like Microsoft Sentinel, Azure Monitor, and AWS CloudTrail.
Lead or support compliance audits, inspections, and IV&V (Independent Verification & Validation) activities.
Provide findings and risk analysis to stakeholders, identifying gaps and offering remediation strategies aligned with security best practices.
Track and report on compliance metrics, vulnerabilities, and deviations; ensure documentation supports annual FISMA reporting and continuous monitoring plans.
Use eMASS (Enterprise Mission Assurance Support Service) to track RMF packages and manage control implementation evidence.
Leverage RegScale for automating compliance tasks, continuous control monitoring, and maintaining system security documentation.
Contribute to compliance automation strategies using scripting and tools (e.g., PowerShell, Azure Automation, AWS Config Rules).
Coordinate with ISSOs, engineers, and system owners to ensure audit readiness and a proactive cybersecurity posture.
Assist the ISSM and ISSOs in preparing documentation for system ATO packages and in maintaining continuous monitoring artifacts.
Support ISSM and ISSO efforts in responding to internal and external audits, inspections, and data calls.
Collaborate with ISSM/ISSO personnel to ensure accurate, timely, and complete system documentation in accordance with agency requirements.
Qualifications:
Active Secret Clearance
DoD 8570 IAT Level II Certification (e.g., Security+ CE)
Minimum 5 years of experience auditing or assessing cybersecurity compliance for federal or DoD systems
Strong knowledge of FedRAMP, FISMA, RMF, NIST SP 800-53, STIGs, and cloud compliance practices
Hands-on experience with system security assessments and reporting of audit findings
Familiarity with cybersecurity tools and scanning platforms (e.g., Tenable, Microsoft Defender, Qualys, or similar)
Excellent written and verbal communication skills, particularly in technical documentation and presenting audit findings to stakeholders
Desired:
Bachelor's degree in Cybersecurity, Computer Science, Information Assurance, or related field
Microsoft certifications (e.g., AZ-500, SC-900, SC-100)
Experience auditing Azure, AWS, or hybrid cloud infrastructures
Familiarity with Secure Cloud Computing Architecture (SCCA) controls
Experience using eMASS to manage system authorizations and RMF artifacts
Experience using RegScale for automated compliance tracking and reporting
-
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation.
An environment of trust.
CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy.
Your potential is limitless. So is ours.
Learn more about CACI here. (https://careers.caci.com/global/en/life-at-caci)
Pay Range : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (https://careers.caci.com/global/en/employee-benefits) .
Since this position can be worked in more than one location, the range shown is the national average for the position.
The proposed salary range for this position is:
$75,200-$158,100
CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
