Description
Overview Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted. We're seeking a Junior Cloud Security Engineer who's passionate about secure cloud infrastructure and eager to grow their expertise. Join our dynamic team and collaborate with seasoned experts to embed security into multi-cloud systems and Infrastructure as Code (IaC) workflows. You'll be part of a mission-driven environment, helping translate security compliance frameworks into real-world, scalable implementations using tools like Terraform across AWS, Azure, and hybrid setups. Responsibilities Develop and maintain System Security Plans (SSPs) and related compliance documentation (e.g., POA&Ms, risk registers). Translate security requirements into policies and guardrails (e.g., IAM hardening, encryption at rest/in-transit). Contribute to Infrastructure as Code (IaC) review and development with a security-first mindset. Maintain clear and audit-ready documentation of deployed security controls across Azure, AWS, and on-premises hybrid systems. Collaborate with compliance and GRC teams to map controls to technical implementations. Participate in security assessments, configuration reviews, and remediation tracking. Stay current on cloud-native security practices and tooling (e.g., Sentinel, Checkov, tfsec, OPA, etc.). Qualifications Required Qualifications: 1–3 years of experience in cybersecurity, DevSecOps, or cloud engineering roles. Familiarity with cloud security principles (AWS/Azure/GCP), IAM, encryption, and network security. Hands-on exposure to Terraform or similar IaC tools. Desired Qualifications: Understanding compliance frameworks such as NIST 800-53, 800-171, or CMMC. Excellent documentation and technical writing skills. Working knowledge of Git, CI/CD workflows, and scripting (e.g., Python, Bash, PowerShell).
Qualifications
Required Qualifications: 1–3 years of experience in cybersecurity, DevSecOps, or cloud engineering roles. Familiarity with cloud security principles (AWS/Azure/GCP), IAM, encryption, and network security. Hands-on exposure to Terraform or similar IaC tools. Desired Qualifications: Understanding compliance frameworks such as NIST 800-53, 800-171, or CMMC. Excellent documentation and technical writing skills. Working knowledge of Git, CI/CD workflows, and scripting (e.g., Python, Bash, PowerShell).
Responsibilities
Develop and maintain System Security Plans (SSPs) and related compliance documentation (e.g., POA&Ms, risk registers). Translate security requirements into policies and guardrails (e.g., IAM hardening, encryption at rest/in-transit). Contribute to Infrastructure as Code (IaC) review and development with a security-first mindset. Maintain clear and audit-ready documentation of deployed security controls across Azure, AWS, and on-premises hybrid systems. Collaborate with compliance and GRC teams to map controls to technical implementations. Participate in security assessments, configuration reviews, and remediation tracking. Stay current on cloud-native security practices and tooling (e.g., Sentinel, Checkov, tfsec, OPA, etc.).
Apply on company website
Find Connections via Linkedin
