Cloud Cyber Security Engineer

About The Position

Requirements

• Active or current Top Secret with SCI eligibility and ability to obtain Polygraph
• Bachelor’s degree in a related field and 8+ years of industry experience with 5+ years in cybersecurity or additional years of experience in lieu of degree (ISSO experience must be supplemented with demonstrated technical expertise)
• At least one DoD 8570.01-M IAT Level II or higher certification e.g., CCNA Security, CySA+, Security+ CE, CISSP (or Associate)
• 5+ years securing cloud-based software applications and infrastructure as well as the implementation of security controls to controlled cloud environments
• 5+ years of experience hardening Linux hosts and automating DISA STIG implementation
• Demonstrated experience securing Kubernetes platforms (secrets management, RBAC, etc.) and integrating security into CI/CD pipelines and containers; must understand microservices architecture and service mesh.
• Demonstrated experience developing A&A packages to obtain and maintain ATO in secure environments.
• Strong knowledge of compliance frameworks NIST SP 800-37, SP 800-53, CNSSI 1253 and applicable DOD
• Experience with tools such as Xacta or eMass, performing vulnerability compliance scans, and assessing STIG compliance
• Experience with scripting languages such as Bash and Python for automation
• Understanding of secure software development practices and code reviews
• Experience with encryption and transport, especially in the cloud

Nice To Haves

• Multiple IAT/IAM II or III advanced certifications (e.g. CISSP-ISSAP/ISSEP, CISM, CCSP, Security X/CASP+)
• Cloud certifications such as AWS Solutions Architect (Associate or Professional), AWS Security Specialty
• Kubernetes certifications such as KCNA, CKA, CKS
• Prior Linux administration experience and certifications such as Linux+, Red Hat certifications (e.g. RHCSA, RHCE)
• Experience with ICD 503 and related compliance directives, policies, procedures
• Experience with security tool such as Splunk, Nessus, SonarQube, as well as DAST & SAST tools such as Prisma Cloud and SonarQube
• Experience applying Zero Trust framework to secure systems
• Prior network engineering experience
• Experience applying security controls to Generative AI implementations

Responsibilities

• Develop and maintain security policies, procedures, and best practices for cloud and cloud-native environments
• Perform security assessments, vulnerability management, and risk analysis for cloud-based systems across secure enclaves
• Implement and manage security controls for Kubernetes clusters and containerized applications
• Ensure integration of security measures into CI/CD pipelines and DevSecOps processes
• Conduct security reviews of cloud architectures, service configurations, and system design changes to understand the impact to security controls
• Develop and maintain ATO packages and ensure compliance with DOD/IC standards and frameworks such as DODI 8500 series, NIST SP 800-37, SP 800-53, CNSSI 1253, ICD 503
• Implement and manage continuous monitoring solutions for cloud environments
• Collaborate with development teams to ensure secure coding practices and perform code reviews
• Stay current with emerging cloud security threats, technologies, and best practices

Benefits

• Training
• Teamwork
• Exposure to challenging technical work