Dine Development Corporation is seeking a Cloud Security Engineer to support an innovative legacy application migration effort with a strong focus on AWS cloud security, Identity, Credential, and Access Management (ICAM), and Zero Trust architecture. This role is responsible for ensuring the secure design, deployment, and operation in compliance with Department of Defense (DoD) cybersecurity requirements. The successful candidate will integrate modern cloud security practices, implement Zero Trust principles, and provide technical leadership to achieve and maintain the Authority to Operate (ATO) at the Secret level.

*This position is contingent upon contract award. Expected award end of Sept. 2025*

• Cloud & Security Architecture

  • Design and implement secure AWS cloud environments that align with DoD Cloud Computing Security Requirements Guide (SRG) and FedRAMP High baselines.
  • Implement and manage Zero Trust principles, including micro-segmentation, identity-based access controls, continuous authentication, and least privilege access enforcement.
  • Lead efforts to integrate ICAM solutions, ensuring interoperability with DoD enterprise identity services and compliance with ICAM strategy requirements.

  Security Configuration & Hardening

  • Apply DoD STIGs, NIST 800-53 controls, and AWS security best practices to the MOCAS cloud environment.
  • Configure and monitor network segmentation, encryption (in transit and at rest), and key management in cloud environments.
  • Enforce MFA, conditional access, and enterprise-wide authentication/authorization policies across applications and services.
  • Remediate findings from automated scans, penetration tests, and compliance assessments.

  DevSecOps & Continuous Monitoring

  • Embed security automation into CI/CD pipelines, ensuring infrastructure-as-code (IaC) deployments meet compliance and security requirements before release.
  • Integrate vulnerability scanning, and AWS-native or opensource security services into pipelines and production monitoring.
  • Ensure continuous monitoring of logs and alerts via SIEM solutions, cloud-native monitoring, and DoD-compliant auditing tools.

  Compliance & ATO Support

  • Support Risk Management Framework (RMF) activities by preparing and maintaining security documentation, including system security plans (SSPs), control implementation statements, and security assessment reports.
  • Provide artifacts and evidence to auditors and stakeholders to achieve and sustain ATO.
  • Ensure security compliance for all system interconnections, including interagency service agreements (ISA).

  Program Support

  • Provide advisory support to government leadership on cloud security policies, Zero Trust adoption, and modernization strategies.
  • Collaborate with cross-functional teams (developers, architects, program managers) to ensure security is integrated across the system lifecycle.
  • Participate in working groups, IPTs, and security design reviews, and provide technical expertise to guide decisions.
  • Other duties as assigned.

• Must be a US Citizen and Must possess IT-II security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC) at time of proposal submission. (Active Secret clearance preferred.) 
• Certifications: Security+, CISSP, CISM, or cloud-focused certifications such as AWS Certified Security – Specialty.
• Education: Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field.
• 8+ years of IT security engineering experience, with at least 3+ years focused on cloud security (AWS preferred).
• Expertise in AWS/Cloud security services
• Familiarity with DoD cybersecurity requirements (STIGs, RMF/ATO process, NIST 800-53).
• Understanding and application of Zero Trust architecture principles.
• Strong experience with ICAM integration in enterprise environments.
• Experience with DevSecOps tools (CI/CD pipeline integration, automated compliance, SIEM integration).
• Experience in LLMs.

Preferred Qualifications

• Experience supporting DoD cloud migration or modernization projects.
• Background in hybrid/multi-cloud security environments (AWS with on-prem or other cloud providers).
• Experience preparing and defending ATO packages for cloud-based systems.
• Knowledge of data protection solutions (DLP, tokenization, encryption management) in defense environments.
• Prior work in Zero Trust adoption programs within DoD or Federal agencies.

Diné Development Corporation (DDC) is a Navajo Nation owned family of companies that delivers IT, professional, and environmental solutions to advance the missions of federal, state, and tribal government agencies. As thought leaders and innovators, our team of specialists build client-centric solutions that solve critical challenges faced by defense, civilian, and healthcare organizations. Employing a mission-focused approach, we deliver value that not only enhances current operations, but also drives future change. Closely aligned with this approach is our commitment to advancing the Navajo Nation and its People. Through economic development and community empowerment, we elevate the Navajo Nation to provide lasting impact and sustainable growth for future generations. DDC’s ability to unite legacy-inspired technologies, industry best practices, and proven methodologies has contributed to our success for twenty years.

This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, national origin, or for inquiring about, discussing, or disclosing information about compensation, or any other basis prohibited by law. We participate in E-Verify.

#dinesourcejobs