Security Engineer (Cloud Security Engineer) — FedRAMP Control Implementation & Automation Support

C2 Labs is hiring a Security Engineer (Cloud Security Engineer) to support FedRAMP authorization acceleration and ongoing ConMon for defense-focused startups and companies deploying production workloads on Azure Government. You’ll implement security controls, build repeatable evidence pipelines, and help make ConMon feel like an operational routine—not a monthly fire drill. What you’ll do · Implement and tune cloud security controls (IAM, logging, vulnerability management, configuration baselines, incident readiness). · Configure security tooling and integrations to produce repeatable evidence for authorization and ConMon. · Support remediation and hardening workstreams, including vulnerability scan remediation support. · Help automate evidence exports / reporting inputs where feasible and keep operations sustainable post-authorization. What we’re looking for · 5+ years security engineering experience, including cloud security implementation and operations. · Hands-on experience with vulnerability management and secure configuration practices. · Working familiarity with cloud logging/monitoring, IAM guardrails, encryption/key management, and incident response readiness. · Comfort scripting/automation (PowerShell, Python, bash) and working with APIs/integrations. · Ability to communicate technical findings clearly to non-engineers and support audit/assessment discussions. Nice to have · Bachelor’s degree in Computer Science, Engineering, IT, or related field · Azure security experience (Defender for Cloud, Sentinel/Log Analytics, Azure Policy, PIM) and/or Azure Government experience. · Experience supporting NIST 800-53 / FedRAMP assessments, remediation, or ConMon deliverables. · Security+ / AZ-500 / CISSP or similar certifications. · Experience integrating evidence into GRC platforms (RegScale preferred). Engagement details · 1099 independent contractor (initial engagement); project-based with potential extension into ConMon operations. · Remote-first; occasional on-site support only when customer environment requires it (rare). · No clearance required; must be able to pass a standard background check and sign NDA/SOW. · Work is typically in Azure Government environments supporting FedRAMP 20X and/or legacy packages. Apply tot his job Apply To this Job