Cloud Security Engineer

About the position

LightFeather is seeking a Cloud Security Engineer to join our team in Washington DC. The ideal candidate will have hands-on experience designing and securing AWS environments in compliance with federal regulations. You’ll play a critical role in maintaining the integrity, confidentiality, and availability of our cloud infrastructure by embedding security best practices at every layer—from architecture and automation to compliance and monitoring.

Responsibilities

• Design, implement, and maintain secure AWS architectures compliant with federal security frameworks (FedRAMP, FISMA, NIST 800-53).
• Develop and enforce cloud security policies, standards, and baselines to align with organizational and regulatory needs.
• Manage AWS IAM roles, policies, and federated access controls; enforce least privilege principles.
• Configure and continuously monitor AWS-native security tools such as GuardDuty, CloudTrail, Security Hub, Macie, and Inspector.
• Integrate security controls into Infrastructure as Code (IaC) tools such as CloudFormation and Terraform.
• Conduct security reviews of IaC templates; identify and remediate misconfigurations.
• Support the preparation of ATO (Authorization to Operate) documentation and assist with audits and continuous monitoring efforts.
• Maintain security documentation, audit trails, and evidence required for compliance and accreditation.
• Embed security into CI/CD pipelines, utilizing automation tools like GitLab Actions and Terraform.
• Collaborate with developers and DevOps teams to enforce and implement security guardrails throughout the software development lifecycle.

Requirements

• US Citizenship.
• Active Top Secret clearance.
• Bachelor’s degree in Computer Science, Cyber Security, Information Systems, or a related field.
• Proven experience in cloud security and cybersecurity, with strong understanding of AWS services and security capabilities.
• Experience with federal compliance frameworks (e.g., FedRAMP, FISMA, NIST 800-53).
• Hands-on experience with AWS-native security tools: GuardDuty, CloudTrail, Security Hub, Macie, Inspector.
• Proficiency with Infrastructure as Code tools: CloudFormation, Terraform.
• Experience embedding security into CI/CD pipelines using tools like: GitLab CI/CD, Terraform.
• Familiarity with identity and access management in AWS, including IAM roles, policies, and SSO integrations.
• Strong documentation and communication skills, especially for compliance and audit-related deliverables.

Nice-to-haves

• AWS Security Specialty Certification or similar credentials.
• Experience in a cloud-first government or defense environment.
• Exposure to automated security testing tools and static code analysis.