Cloud Security Engineer

About The Position

Requirements

• Able to work normal business hours (core) and occasional/limited on-call hours as requested by the client and/or as required by operational demands (e.g., during major incidents)
• Eight (8) years of cyber security experience, with at least six (6) of those years working as a Cloud Security Engineer in an enterprise SOC environment
• Demonstrated expertise in performing cyber threat hunting activities in cloud environments (e.g., SaaS, PaaS, IaaS, including O365, SIEM, EDR, and other cloud-based applications) is critically important
• Demonstrated experience leading incident response activities when cloud-based tools and systems are involved
• Experience across all major cloud providers (AWS, Azure, Google)
• Bachelor’s degree required OR additional relevant experience
• Ability to work as an integral part of a high-performing SOC team is required
• Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms
• Understanding of recent cybersecurity policies and mandates such as EO 14028, M-21-31, NSM-8, and their impact on SOC activities

Nice To Haves

• Advance level Cloud Security certifications are strongly preferred (e.g.., AWS Security Specialty certification)
• CISSP, GCIH, and similar certifications are a plus

Responsibilities

• Perform cloud hunting and identify embedded threats effectively and efficiently
• Review and analyze cloud logs to bring relevance and context to the data
• Lead cloud incident response activities as they occur
• Develop a full set of cloud incident response playbooks
• Work with stakeholders to ensure full visibility into workloads running in the cloud
• Ensure all cloud logs are onboarded to the SIEM tool and the correct events are logged
• Develop and implement a full set of monitoring use cases to enable DOJ security tools to immediately and automatically detect cloud threats
• Continuously tune security tools for optimization, i.e., maximum blocking with minimal false positives
• Devise and implement additional KPIs and metrics that help DOJ monitor the overall health of this function
• Ensure and enable DOJ’s participation in threat information-sharing initiatives across the USG
• Assist the engineering team with the deployment, configuration, and maintenance of cloud-based SOC tools, technologies, applications, and solutions
• Perform research and lead proof of concept efforts to determine where additional technologies may be necessary

Benefits

• Health/Dental/Vision
• 401(k) match
• Paid Time Off
• STD/LTD/Life Insurance
• Referral Bonuses
• professional development reimbursement
• parental leave