[Contingent] Cloud Architect
Phia LLC
Job Description
Job DescriptionJob DescriptionDISCLAIMER: This position is in support of a current government proposal. Employment is contingent upon contract award to phia, LLC.Status: Proposal – Contingent upon Award
Location: Hybrid – Washington, DC Metro AreaSchedule: Full-time | Core hours 0730–1600 EST, Monday–FridayFocus Areas: Cloud Security, FedRAMP, AWS, Continuous Monitoring, Compliance Automation, SIEMOVERVIEWphia is seeking an experienced Cloud Architect to lead cloud security architecture and FedRAMP authorization activities in support of a federal client's multi-cloud environment. This role requires deep federal cloud expertise and the ability to design AI-enabled compliance automation solutions for complex cloud infrastructure.You will architect secure, FedRAMP-compliant cloud solutions, lead Continuous Monitoring (ConMon) design for cloud systems, and develop AI-powered tools to automate FedRAMP compliance data collection and analysis across cloud environments.WHAT YOU'LL DO Design and oversee implementation of FedRAMP-compliant cloud architectures for SaaS, PaaS, and IaaS environments; verify FedRAMP authorization status for cloud service offerings prior to adoption.Support agency CIO approval processes for FedRAMP Sponsorship requests in compliance with applicable federal policies and orders.Design and implement Continuous Monitoring (ConMon) solutions for cloud systems, ensuring control performance is measurable, documented, and reportable per federal ISCM requirements.Develop AI-enabled compliance automation tools capable of scanning cloud accounts and VPCs, collecting FedRAMP-specific control evidence, storing findings in a centralized ConMon repository, and identifying unmet requirements.Architect and assess cloud-native security configurations including networking, firewall, reverse proxy, and related automation capabilities.Review and interpret security event reports from SIEM platforms and cloud-native security services; analyze compliance and non-compliance metrics to drive remediation.Assess end-to-end data encryption practices (SSL/TLS, in-transit and at-rest) across cloud environments; identify vulnerabilities related to data or configuration exposure.Support cloud ATO packages: provide cloud-specific control evidence, assess cloud service provider (CSP) inherited controls, and ensure cloud security posture is accurately documented.Provide architectural guidance to cloud security engineers and development teams on cloud data privacy, protection practices, and federal risk management frameworks.WHO YOU ARECloud Security Architect: You have designed FedRAMP-authorized cloud environments for federal clients. You know the difference between FedRAMP Ready, In Process, and Authorized, and what it takes to get there.Cloud Networking Expert: You have deep hands-on knowledge of cloud networking, security services, and automation tooling in AWS and/or Azure environments.ConMon Specialist: You have built or operated continuous monitoring programs for federal cloud systems and know how to design automated evidence collection pipelines that satisfy ISCM requirements.AI-Forward: You can design and direct development of AI-powered compliance automation tools.SIEM-Savvy: You access, review, and interpret SIEM dashboards, alerts, and reports to derive actionable security intelligence from cloud telemetry.Federal-Fluent: You understand FedRAMP, FISMA, NIST SP 800-53, and federal compliance requirements as they apply to real cloud deployments.PREFERRED SKILLSPrior federal cloud architecture experience with federal agenciesExperience designing AI/ML-based compliance automation or security analytics platformsAWS certifications: AWS Certified Solutions Architect - Professional, AWS Certified Security - SpecialtyExperience with FedRAMP Agency ATO and Agency Sponsorship processesFamiliarity with multi-cloud security architecture (AWS and Azure) in federal settingsExperience with cloud-native SOAR integration for automated remediation workflowsREQUIRED EDUCATION + EXPERIENCEEducation: Master's degree in Cybersecurity, Cloud Computing, Information Technology, Computer Science, or closely related field (required)Experience: 10+ years of experience in cloud and cloud security solutions in federal government environmentsCertifications: Relevant AWS, Azure, or FedRAMP certifications strongly preferred
Clearance: Public Trust / Suitability clearance required
GENERAL PROGRAM REQUIREMENTSCitizenship: Must be a U.S. Citizen. No exception.Work Hours: Full-time; Monday–Friday core hours 0730–1600 ESTWork Location: Hybrid – Washington, DC Metro Area; on-site presence required.
Classified work must be performed at a government-designated facility on government-provided equipment.Travel: Occasional travel may be required in support of this program.
Who We Arephia LLC ("phia") is a Northern Virginia based, small business established in 2011 with focus in Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, Information Assurance/Security, Compliance, Certification & Accreditation, Communications Security, Traditional Security, and Facilities Security. phia also provides cyber operations support functions such as: Program and Process Management, Engineering, Development, and Systems Administration that allows for Cyber Operations to efficiently integrate our customer's missions and objectives. phia supports various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.phia offers excellent benefits to enhance work-life balance, including the following:Medical InsuranceDental InsuranceVision InsuranceLife InsuranceShort Term & Long Term Disability401k Retirement Savings Plan with Company MatchPaid HolidaysPaid Time Off (PTO)Tuition and Professional Development Assistance
phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.