IA​/Cyber​/Cloud Admin Security Clearance

Position: IA/Cyber/Cloud Admin with Security Clearance
About Concept Plus Concept Plus is a mission-focused technology solutions provider that transforms IT concepts into impactful solutions for federal agencies. Headquartered in Fairfax, VA, we bring the agility, responsiveness, and customer intimacy of a small business combined with the quality and infrastructure of a larger firm. Recognized as an award-winning Oracle partner, we have delivered innovative solutions across Defense, Intelligence, Civilian, Health IT, and Tribal sectors.

Our highly certified experts build systems that drive efficiency, accelerate modernization, and ensure mission outcomes with certainty. We offer competitive pay, comprehensive health, dental, and vision insurance, paid life insurance, paid time off, 11 paid holidays, performance bonuses, tuition reimbursement, unlimited training, and the opportunity to thrive in a collaborative, flexible, and innovative environment. For more information, visit . About the role We are seeking an IA/Cyber/Cloud Administrator to support client IT systems development and operations.

This role requires knowledge and understanding of client IT processes and technology stack, including Dev Sec Ops  CI/CD pipelines, Cloud One environments, Oracle-based systems, and Java application stacks. Client systems are deployed in both classified and unclassified DISA and cloud environments, requiring strict adherence to client cybersecurity, configuration, and compliance standards. The IA/Cyber/Cloud Administrator provides critical security, cloud administration, and compliance support to modernize and enhance client systems by ensuring environments are secure, resilient, and continuously monitored.

This role serves as a key interface with the customer and the Program Management Office (PMO), ensuring that security controls, system configurations, and operational practices align with program requirements, RMF standards, and mission needs. The IA/Cyber/Cloud Administrator works across capability delivery teams-including development Scrums, Cloud Engineering, and Dev Sec Ops  platform resources-to integrate security into system design, CI/CD pipelines, and cloud environments.

The role supports the implementation and maintenance of security controls, vulnerability management processes, identity and access management, and continuous monitoring, ensuring systems remain compliant and operational within client environments. What you'll do
* Administer and secure cloud environments, including client Cloud One, AWS, and hybrid infrastructures supporting REMIS
* Implement and maintain security controls across CI/CD pipelines, ensuring secure code integration, build, and deployment processes
* Support RMF (Risk Management Framework) activities, including control implementation, assessment support, and ATO sustainment
* Configure and maintain STIG-compliant systems, ensuring alignment with client hardening and configuration standards
* Integrate and manage automated security tools within Dev Sec Ops  pipelines (SAST, DAST, container scanning, dependency scanning)
* Monitor system security posture using continuous monitoring tools, log aggregation, and alerting platforms
* Conduct vulnerability assessments, remediation tracking, and security reporting
* CI/CD Dev Sec Ops  Integration:
Implement security analysis tools (SAST, DAST, SCA) into CI/CD pipelines to identify vulnerabilities early.
* Cybersecurity Compliance (RMF):
Ensure cloud systems meet Risk Management Framework (RMF) standards (NIST 800-53), including ATO (Authority to Operate) support and documentation.
* Vulnerability Management:
Perform automated cybersecurity testing and manage STIG compliance, conducting scan evaluations using ACAS (Assured Compliance Assessment Solution).
* Automation:
Develop and maintain automation scripts for patching, configuration management, and evidence collection to support continuous authorization.
* Cloud Infrastructure Admin:
Provision, configure, and maintain client cloud infrastructure (AWS Gov Cloud, Azure Government, IL2-IL6) using Infrastructure as Code (IaC) tools like Terraform or Cloud Formation.
* Maintain secure configurations for cloud, virtualized, and hybrid environments, ensuring availability and resilience
* Collaborate with development, Dev Sec Ops , and cloud engineering teams to embed security into system design and deployment workflows
* Maintain documentation including security plans, SSPs, POA&Ms, and configuration baselines
* Support incident response activities, including investigation, containment, and corrective action implementation
* Collaborating with agile software teams to remediate application risks.
* Managing Cloud Service Provider (CSP) security tools (AWS Security Hub, Azure Defender).
* Troubleshooting cloud-based application performance and security issues.
* Applying security patches and managing IAVAs (Information Assurance Vulnerability Alerts). Qualifications
* Secret - Fully Cleared Only, must confirm clearance is active
* Client 8140…