Cybersecurity; Cloud Assessment Manager

About Us

AGE Solutions is a premier technology and professional services company, providing in-depth consulting, advanced technology solutions, and essential services throughout the U.S. government, defense, and intelligence sectors. Prioritizing innovation and client-focused solutions, we assist major agencies in addressing intricate issues and ensuring a more secure future.

AGE Solutions is looking for a Cybersecurity (Cloud Assessment) Manager to join our team in support of our cybersecurity risk management and assessment program with our DoD customer. As the Cloud Assessment Manager, you report to the Program Manager and will work directly with the government director, responsible for ensuring the team completes all deliverables on schedule and on time. Additionally, the Cloud Assessment Manager will ensure all products and artifacts produced for the government are in accordance with quality requirements as per the contract PWS.

You will oversee (but not conduct) analysis, independent validations of assessments, and Continuous Monitoring (Con Mon) for authorized CSPs and CSOs.

This role is remote, but will involve travelling to Ft Meade, MD as required.

• Manages nine Cybersecurity Engineers (Mid and Sr) to ensure deliverables are on time and of the required quality.
• Responsible for metrics and tracking all Cloud Assessment deliverables. Prioritizes requirements as needed IAW government. Provides complete and timely Weekly Playbook, Monthly One-Pager, Monthly Status Report (MSR) and Quarterly Progress Report (QPR) for Cloud Assessment section (RE2).
• Prepares slide decks and information papers for the government as needed.
• Meets with division leads and directors as required.
• Manages staff to ensure proper prep and delivery of up to 30 Cloud Security Assessment Packages annually, each including validated cybersecurity controls, certifier recommendations, and a statement of residual risk.
• Ensures technical kickoff meetings are successful.
• Promotes documented and refined assessment procedures and validation best practices to align with DoDI 8510.01 and the DoD Cloud Computing Security Requirements Guide (SRG).
• Oversees completion of:
  • Cloud Security Assessment Packages in accordance with established guidelines, including the SAR, POA&M, and any Deviation Requests.
  • Draft Authorization Recommendation Memoranda outlining CSO compliance with DoD cybersecurity controls, residual risks, and technical findings.
  • Completion of cybersecurity assessments and validations of Cloud Service Offerings (CSOs) in support of the Department of Defense (DoD) Provisional Authorization (PA) process.
  • Formal DoD Provisional Authorization memoranda, detailing authorization length, CSO boundary, services provided, operating conditions, DoD usage considerations, and follow-on activities.
  • Cloud Service Provider (CSP) documentation packages following government guidance and procedures, including key artifacts such as the Cloud Architecture Diagram, System Security Plan (SSP), SSP Addendum, Readiness Assessment Report (RAR), System Architecture, Security Assessment Plan (SAP), Security Assessment Report (SAR), and associated Plans of Action & Milestones (POA&Ms).
  • Validated CSO controls within eMASS or other government-provided Governance, Risk, and Compliance (GRC) tools; ensure accurate tracking in the Mission Status Report (MSR).
  • Customer Responsibility Matrix (CRM), ensuring proper control inheritance is reflected in eMASS/GRC systems.
  • Review, analysis, and processing of additional documents including Change Requests, Extension Requests, Deviation Requests, Whitelist Requests, Corrective Action Plans, templates, process guide approvals, and continuous monitoring (Con Mon) artifacts for existing Provisional Authorizations.
  • Upload authorization conditions as system-level POA&Ms in eMASS and monitor their resolution.
  • DoD Cloud Process Guide, including all checklists, templates, forms, and guidance documents and ongoing development and annual updates.
  • Internal requirements and how-to guides for assessors conducting CSP validations.
• Other deliverables as required.

• Bachelor's degree (IT-related field preferred) or equivalent experience
• Eight (8) years of overall experience in cybersecurity or network security position
• Have an active DoD Top Secret clearance with SCI eligibility or willing/able to obtain
• Familiarity with security controls for Azure, AWS, and assorted cloud platforms
• Solid understanding of DoD Risk Management Framework (RMF), DoDI 8510.01, and DoD Cloud Computing Security Requirements Guide (SRG)
• Familiarity with cloud security documentation, including SSPs, SARs, RARs, and POA&Ms
• Strong technical writing and communication skills to produce security assessment reports and formal recommendations
• Ability to present information to senior government leaders

Compensation: $120,000+

• 26 Days Paid Leave: Includes vacation, sick, personal time, and holidays. You…