Cloud Security Architect with Security Clearance

Overview BigBear.ai is seeking a Cloud Security Architect with an active TS/SCI with Poly clearance to design and implement secure cloud architectures that support an ATO Automation Platform deployment while ensuring compliance with federal security requirements. This role leads the technical implementation of an ATO Automation Platform across multi-cloud and hybrid environments, establishes secure integrations with cloud service providers, and ensures the platform operates within customer security boundaries and authorization scopes. This position will be based out of our Columbia, MD office but will support multiple customers in the Baltimore/Washington corridor and beyond. What you will doDesign secure reference architectures for deploying an ATO Automation Platform in AWS GovCloud, Azure Government, and on-premises environmentsImplement secure API integrations between the ATO Automation Platform and cloud service provider platforms for real-time configuration analysisConfigure cloud security services (AWS GuardDuty, Azure Security Center) to feed security findings into the ATO Automation Platform's compliance monitoringEstablish security boundaries and authorization scopes for systems under the ATO Automation Platform's managementImplement data protection controls including encryption at rest and in transit for compliance artifacts processed by the ATO Automation PlatformDesign network security architectures supporting the ATO Automation Platform deployment in classified environmentsConduct security assessments of an ATO Automation Platform components and validate compliance with customer security overlaysDevelop cloud infrastructure-as-code templates that incorporate security controls mappable by the ATO Automation PlatformDesign AWS GovCloud reference architecture for deploying the ATO Automation Platform in FedRAMP High environment with appropriate VPC segmentation and encryptionConfigure the ATO Automation Platform's integration with Azure Government APIs to enable automated analysis of NSG rules and Key Vault configurationsImplement cross-account IAM roles enabling the ATO Automation Platform to perform read-only assessments of 50 AWS accounts across an agencyDesign hybrid cloud architecture supporting the ATO Automation Platform deployment for systems spanning on-premises data centers and commercial cloudConduct security assessment of the ATO Automation Platform's LLM processing to ensure compliance with agency data handling requirements What you need to haveBachelor's Degree with a Technical concentration with at least 10 years of professional experienceTS/SCI with an active Poly clearanceDeep expertise in cloud security architectures across AWS GovCloud and Azure GovernmentStrong understanding of cloud security services and compliance capabilitiesExperience with FedRAMP authorization processes and cloud security requirementsProficiency in cloud IAM design and least-privilege access modelsKnowledge of network security architecture including VPCs, security groups, and network segmentationExperience with encryption technologies and key management servicesUnderstanding of API security and secure integration patternsFamiliarity with cloud compliance frameworks (AWS Security Best Practices, Azure Security Benchmark) What we'd like you to haveExperience deploying security platforms in classified cloud environments (AWS Secret/Top Secret regions, Azure Government Secret)Knowledge of DoD Cloud Computing Security Requirements Guide (SRG) implementationPrior experience with compliance automation platform deploymentsCertifications: AWS Certified Security Specialty, Azure Security Engineer Associate, CCSP (Certified Cloud Security Professional)Understanding of zero-trust architecture principles and implementationExperience with Infrastructure as Code security scanning (Checkov, tfsec, Terrascan)Familiarity with container security in cloud environmentsBackground in federal cloud migration projects and Cloud Smart strategy About BigBear.ai BigBear.ai is a leading provider of AI-powered decision intelligence solutions for national security, supply chain management, and digital identity. Customers and partners rely on Bigbear.ai's predictive analytics capabilities in highly complex, distributed, mission-based operating environments. Headquartered in McLean, Virginia, BigBear.ai is a public company traded on the NYSE under the symbol BBAI. For more information, visit and follow BigBear.ai on LinkedIn: @BigBear.ai and X: @BigBearai. BigBear.ai is an Equal opportunity employer all protected groups, including protected veterans and individuals with disabilities.bfb3568a-762b-4989-884b-a9682aa104ca

Created: 2026-03-09