Specialist Arlington, Virginia


FI Consulting is seeking a full-time Cloud Security Engineer to work in our Arlington, VA Headquarters and throughout the Metro DC area on client projects.

For more than 20 years, financial institutions in the Federal, private and public sectors have called on FI Consulting to address complex and high-stakes analytical challenges that are closely scrutinized by executives, auditors, regulators and stakeholders. We help clients succeed by applying our core strengths in business applications of Data Engineering, Analytics, Modeling, and Business Architecture to gain insight into finances, loans, performance, manage risk, and improve operations.

FI Consulting is a fast-moving, high-growth firm with huge potential. FI offers variety, challenge, responsibility and the opportunity to realize your leadership potential.

Job Description:

The Cloud Security Engineer provides NIST, Risk Management Framework (RMF) and Federal Risk and Authorization Management Program (FedRAMP) expertise to support system owners in achieving and maintaining an Authorization to Operate (ATO).


  • Extensive experience developing/creating packages and achieving ATOs (new as well as updates) and providing information system security expertise to ensure the appropriate operational security posture is maintained for information systems.
  • Develop system security plan and related documentation updates, collaborate with system owners (such as ISSO, CISO etc.,) to execute ATOs and/or related security processes.
  • Experience implementing security system controls, policies, technical security safeguards, and operational security measures and applying policies to address requests for information, conduct risk assessments leveraging cyber best practices.
  • Assist in preparation and review of documentations to include System Security Plans (SSPs), Risk Assessment Reports (RAR), and other Assessment & Authorization (A&A) artifacts.
  • Assist in the research and address information security issues as required, develop and maintain the Plan of Action and Milestones (POA&M) and support remediation activities.
  • Develop and advise development of Assessment and Authorization (A&A) artifacts and security documentation to include, but not limited to System Security Plans (SSP), Plan of Action and Milestone (POAM), Contingency Plan, Incident Response Plan, Configuration Management Plan
  • Assist with pre-assessment preparation.
  • Executing the security assessment and authorization (or ATO) process with independent assessors
  • Provides expertise to support the technical review of ATO packages and advises officials on ATO determinations.
  • Creates an internal SOP guidance to document processes for obtaining ATOs.
  • Provides input and keeps current the ATO Cloud Security Status Report and the Cloud Security Dashboard to indicate progress and status of the ATO packages.
  • Builds upon existing processes and artifacts to define, update, and maintain a repeatable ATO process and guide for cloud environment.
  • Executing Continuous Monitoring and maintaining the security posture of the systems.
  • Perform Risk Management Framework (RMF) activities to achieve Authority to Operate (ATO)
  • Perform continuous monitoring of security controls to ensure that they are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems.
  • Identify key stakeholders in A&A efforts and ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, etc.,
  • Experience with Information Security Monitoring, RMF automation, NIST security controls, the Governance, Risk Management, and Compliance (GRC) security documentation tools, RMF, FedRAMP, FISMA and other security compliance processes and frameworks.
  • Strong verbal and written skills required providing management status reports and document system changes.
  • Train and mentor team members

Required Qualifications:

  • 4+ years of experience developing/creating packages and achieving ATOs, security processes  and creating artifacts, control implementation details, and POA&Ms
  • 4+ years of Cyber Security experience
  • 3+ Years of IT experience (Networking/System Administration)
  • Familiarity with Hardening, DoD STIG processes
  • Experience with security automation tools within Azure, Dynamic 365, Microsoft 365 environment  in production and lower environments.
  • Experience with Amazon Web Services (AWS) and/or Microsoft Azure
  • Knowledge of cloud service models (e.g., Software as a Service (SaaS), Infrastructure as a  Service (IaaS), Platform as a Service (PaaS)
  • BS degree in an applicable area (Computer Science, Engineering, MIS, etc.)
  • CISSP, CCSP, or other relevant security certifications.
  • Microsoft Azure Administrator Certified

What its really like to Work for Us:

You will work with a team of smart, talented people in a culture that is simultaneously driven, collegial, and supportive. We set high expectations for employees in the areas of project delivery excellence, building trusted client relationships, and continuous improvement. We insist on teamwork and collaboration.

As part of our meritocratic culture, we strongly encourage each of our employees to remain committed to “stretching” the levels of their most current professional strengths to continuously adapt, grow and expand their subject matter expertise for the benefit of adding value to our clients. The emphasis on stretch starts at the very top of our organization and is promoted throughout to all members of our team. The desire of our employees to stretch is critical to effectively, and with greater flexibility, plan project assignments and subsequently position our people and the company for future success.

Who We Are:

FI Consulting is a 70+ person professional services firm that helps government and commercial financial institutions solve hard problems in data, analytics, modeling, and technology. Our professionals are specialists with expertise across a range of fields, for example:  

  • Financial and economic modeling
  • Data analytics & visualization
  • Financial products and markets
  • Economics and statistics
  • Business process management and re-engineering

Our Company Values & Operates on:

  • A Commitment to Creating Value for our Clients and our Employees
  • A Flat Management Structure that is Still Led by one of the Original Founders
  • An Emphasis on Teamwork and Cooperation
  • Employee Development and Career Growth
  • Continuous Improvement
  • An Entrepreneurial Culture that Rewards Finding, Developing, and Owning Business

Security Requirements:

  • Authorized to work in the United States as a permanent resident or US Citizen. We are not able to sponsor or accept any VISA Holders at this time including OPT, H1B, EAD.
  • All job applicants will be required to successfully complete a background investigation, which will include a pre-employment drug screen and a credit check.
  • Reside in the DC Metro area within 30 days of hire.
  • Secure and protect company and client data and information and prevent its improper disclosure.

FLSA Designation - This is an exempt position. FI Consulting is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities. FI Consulting participates in E-Verify.