AWS Security Engineer

About The Position

Requirements

• Bachelor's degree (BA/BS) in Computer Science, Cybersecurity, Information Systems, or related field (or equivalent experience)
• Minimum 2-5 years of hands-on cybersecurity or information assurance experience
• Active Secret security clearance
• Experience with AWS or AWS GovCloud, including dashboards, and security services
• Hands-on experience with GitLab CI/CD pipelines and security scanning tools
• Working knowledge of DISA STIGs, NIST RMF (800-53, 800-171), and security compliance frameworks
• Familiarity with security standards: CIS benchmarks, FIPS 140-2, DFARS, CMMC, FedRAMP
• Understanding of DevOps and Agile methodologies
• Strong written and verbal communication skills for technical documentation and stakeholder engagement
• Ability to work independently with limited supervision and solve complex security problems
• Security certifications: SecurityX, CASP+, CISSP, or equivalent

Nice To Haves

• AWS Certifications: Cloud Practitioner, Solutions Architect Associate/Professional, or Security Specialty
• Experience with SAST and other application security testing tools
• Knowledge of secure software development lifecycle (SSDLC) practices
• Previous experience supporting federal government or DoD clients
• Understanding of Zero Trust Architecture principles

Responsibilities

• Design, implement, and maintain security controls for AWS GovCloud environments in accordance with DISA STIGs, NIST RMF, and FedRAMP requirements
• Lead SAST/DAST execution and runtime vulnerability assessments using GitLab tools
• Own security findings triage, remediation tracking, and verification across application portfolios
• Integrate and optimize GitLab security scanners (SAST, DAST, Dependency Scanning, Container Scanning, Secret Detection)
• Embed security controls into CI/CD pipelines and enforce secure development lifecycle practices
• Support the complete RMF accreditation lifecycle and development of artifacts required for Authorization to Operate (ATO)
• Implement and validate security controls in accordance with NIST 800-53, DISA STIGs, DFARS, and CMMC frameworks
• Assist the Information System Security Manager (ISSM) with security control implementation and continuous monitoring
• Develop and maintain Plans of Action and Milestones (POA&Ms) to remediate assessment findings
• Monitor and investigate alerts from security tools (AWS Security Hub, GuardDuty, GitLab security dashboards)
• Conduct incident response investigations using AWS CloudWatch and CloudTrail log analysis to determine root cause
• Participate in the full incident management lifecycle: identification, categorization, containment, eradication, recovery, and lessons learned
• Perform technical security assessments of computing environments to identify vulnerabilities and compliance gaps
• Review and update network diagrams, architecture documentation, and cloud security configurations
• Generate and review security architecture documentation, System Security Plans (SSPs), and compliance reports
• Serve as security engineering representative on cross-functional teams for design, development, and implementation of secure systems

Benefits

• healthcare
• wellness
• financial
• retirement
• family support
• continuing education
• time off benefits
• flexible time off benefit