Cloud Infrastructure and Security Engineer

About The Position

Requirements

• Bachelor’s Degree in Management Information Systems, Computer Science, Information Technology or related field and 5+ years of experience in Information Technology or a combination of education and related experience.
• Information Assurance Technician (IAT) Level III certified or capable of obtaining the certification within six (6) months of the completion of the probationary period.
• Cloud Expertise: Experience with AWS, Azure, or Google Cloud security and infrastructure management.
• Networking & Security: In-depth knowledge of firewalls, VPNs, IDS/IPS, SIEM, and endpoint security solutions.
• Compliance & Frameworks: Understanding of NIST, CIS, ISO 27001, FedRAMP, and other regulatory security frameworks.
• Incident Response & Monitoring: Familiarity with tools like Splunk, Sentinel, or CrowdStrike for threat detection and mitigation.
• Operating Systems: Proficiency in Linux and Windows server administration.
• Strong Analytical Skills: Ability to assess risks, troubleshoot security issues, and implement effective solutions.
• Experience in a host and client/server, telecommunications and network migration and development, desktop computing, information system integration, hardware/software evaluation, information engineering and process reengineering methodologies are required.
• Proven telecommunications and network analysis, design, implementation, tuning, and maintenance required.
• Thorough understanding of large scale storage technology (SAN, NAS, Fiber channel, Tiered storage, zoning, LUNs, security, replication, backup)
• Must be proficient in Ethernet protocols, and protocol analysis
• Excellent Communication: Ability to articulate technical security concepts to non-tech
• Must be able to effectively deliver oral presentations to management and customers
• Must be able to work independently, with minimal supervision
• Must be able to work overtime as required.
• Must be willing to work any shift or day of the week as required.
• Understanding of military protocols and customs is essential
• Must be eligible for DoD Personnel Security Clearance.

Nice To Haves

• DoD 8570 approved baseline certification IAT Level III (at least one required) – CASP, CCNP Security, CISA, CISSP, GCED, GCIH
• Preferred optional - AWS Cloud Practitioner, AWS Solutions Architect, AWS Security – Specialty, CCSP, GCSA, GSEC, CEH, CompTIA Cloud+

Responsibilities

• Design, deploy, and manage secure cloud environments (Air Force SharePoint, CloudOne, AWS) while ensuring compliance with security frameworks (NIST, ISO 27001, FedRAMP).
• Administer systems connected to NIPR network and ensure secure standards are enforced
• Configure and maintain Identity and Access Management (IAM), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) policies for cloud and on-prem systems.
• Implement and monitor security controls, including intrusion detection/prevention systems (IDS/IPS), Security Information and Event Management (SIEM), and endpoint protection solutions.
• Perform vulnerability assessments and penetration testing to identify and mitigate security risks.
• Manage networking infrastructure, including firewalls, VPNs, and load balancers, ensuring secure connectivity between cloud and on-prem environments.
• Conduct regular security audits, risk assessments, and disaster recovery planning for IT systems.
• Develop and maintain security incident response plans, ensuring rapid detection and mitigation of cyber threats.
• Stay up to date with emerging cloud security threats, vulnerabilities, and best practices.
• Provide technical guidance and training on cloud security best practices to internal teams.
• Monitors usage of system.
• Ensures Scheduled Backup Procedures, Non-Scheduled Backup Procedures, and Types of Backup Media (Initialization Procedures, Label Documentation, Storage Locations (onsite/offsite), testing backups) are in place and functional.
• Conduct information security vulnerability scanning using the DoD’s Assured Compliance Assessment Solution (ACAS) (Tenable Security Center and Nessus Software)
• Produce information security vulnerability scanning reports and develop Plans of Action and Milestones (POA&Ms) to resolve information security vulnerabilities
• Install, test, configure, maintain and upgrade the computing and networking environment (CE/NE) operating systems, applications, software, hardware and network infrastructure components to comply with cybersecurity requirements (Security Technical Implementation Guides (STIG), Security Requirements Guides (SRG) and NIST best practices)
• Implement and continuously monitor established technical security controls for CE/NE in accordance with information security plans, procedures and work methods
• Develop compensating controls for information security deficiencies
• Assist with developing or updating of Information Security related plans, procedures, work methods and documentation (such as network topology, hardware/software lists)
• Other duties as assigned

Benefits

• Comprehensive and competitive benefits package and flexibility that promotes work-life balance
• A work environment where all employees are valued, respected and safe
• Freedom to succeed by enabling team members to deliver, take initiatives and make decisions
• Recognition, professional development, advancement and having fun!