Cloud Security Engineer

About The Position

Requirements

• Strong troubleshooting skills across Linux, Windows, networking, and cloud services.
• Hands‑on experience with at least one major cloud provider (AWS, Azure, or GCP).
• Systems administration and vulnerability management experience.
• Ability to work independently during both business hours and on‑call periods.
• Strong communication skills for customer interaction and incident documentation.
• Hands‑on experience with one or more of the following tools:
• Splunk Enterprise
• Tenable Security Center / Nessus
• Invicti/Acunetix
• Appgate
• Okta
• GitLab
• Palo Alto Networks Firewalls
• TrendMicro Deep Security
• Trivy
• Anchore
• Terraform
• CloudFormation
• Ansible
• Must be a USC elligibile to obtain a security clearance

Nice To Haves

• Experience with FedRAMP, FISMA, or NIST 800‑53 compliance frameworks.
• Prior on‑call, SRE, SOC, or incident response experience.
• Familiarity with ITSM ticketing systems (Gitlab, Jira, ServiceNow, etc.)
• Security+ or equivalent certification.
• AWS/GCP/Azure Cloud Certifications
• Experience with infrastructure‑as‑code or automation tooling
• Experience with Kubernetes is highly desirable.
• Secret clearance or higher is desired

Responsibilities

• Perform systems administration and maintenance including patching, vulnerability scanning, compliance scanning and remediation, backups, and recovery for cloud workloads.
• Support multi‑cloud environments (AWS, Azure, GCP), including Windows and Linux EC2 instances, container workloads, and services such as EC2, EBS, S3, RDS, WorkSpaces, and Active Directory and equivalent services in other CSPs.
• Configure, update, and maintain security tools for endpoint protection, log collection, vulnerability scanning, and compliance monitoring.
• Troubleshoot issues across network, compute, application, and identity layers by reviewing logs, collecting data, and analyzing system behavior.
• Implement hardening and compliance controls using CIS Benchmarks, DISA STIGs, and FedRAMP requirements.
• Remediate vulnerabilities identified by tools such as Tenable, Trivy, OpenSCAP, Anchore, Twistlock, and others.
• Provide quality assurance feedback during system deployments to ensure architecture meets compliance and operational requirements.
• Collaborate with Security Analysts to ensure uninterrupted delivery of security services to customers.
• Create and maintain documentation including network diagrams, dataflow diagrams, SOPs, and security tool configuration guides.
• Support client communications, deliverables, and issue resolution with strong verbal and written communication skills.
• Support and mentor junior engineers as and when required.
• Serve as primary or backup on‑call engineer during assigned rotation
• Respond to after‑hours security alerts, infrastructure incidents, outages, and ConMon events.
• Perform initial triage, containment, and stabilization using established runbooks.
• Investigate and respond to alerts generated.
• Escalate complex issues to senior engineers, architects, or compliance teams.
• Document incidents, actions taken, and recommended improvements.
• Contribute to automation improvements and runbook enhancements.

Benefits

• Health/Dental/Vision
• 401(k) match
• Paid Time Off
• STD/LTD/Life Insurance
• Referral Bonuses
• professional development reimbursement
• parental leave