About The Position

Peraton is seeking a Cloud Security Monitoring and Reporting Engineer (Journeyman) to support the MODES III program supporting Military Community and Family Policy (MC&FP). In this role, the selected candidate will support monitoring and analysis of cloud security events, logs, and alerts across cloud-hosted environments to identify potential security issues and trends. This position is remote and requires an active Secret clearance.

Job Description: Cloud Security Monitoring and Reporting Engineer

Responsible for supporting cloud security monitoring, log analysis, and reporting activities to provide continuous situational awareness and compliance visibility for MODES III cloud-hosted systems. Supports monitoring and analysis of cloud security events, logs, and alerts across cloud-hosted environments to identify potential security issues and trends. Assists with configuration, operation, and maintenance of security monitoring and reporting tools, ensuring accurate collection and correlation of security data. Supports development and maintenance of security dashboards and recurring reports that communicate system security posture, trends, and findings to program and Government stakeholders. Assists with validation and reconciliation of security data from multiple sources to ensure accuracy, completeness, and consistency of monitoring outputs. Performs vulnerability scanning and assessment using tools such as ACAS/Nessus, analyzing scan results and coordinating remediation activities with system administrators and development teams. Supports incident response and escalation procedures, including initial triage of security events, documentation of findings, and coordination with the Security Operations Center (SOC) and Government stakeholders. Configures and maintains SIEM tools and log aggregation platforms (e.g., CloudWatch, Splunk, ELK Stack) to ensure comprehensive security event collection, correlation, and alerting across cloud environments.

Familiar with: Splunk, AWS GuardDuty, CloudWatch Insights, CloudTrail, AWS Security Hub, AWS Config, AWS Inspector, ACAS/Tenable, STIG/SCAP automation, eMASS/RMF tooling, Tanium/SteelCloud, SIEM playbooks, SOAR orchestration, Prometheus/Grafana, ELK/OpenSearch, Kinesis/Glue/Lake Formation, Python/SQL for analytics, Splunk Enterprise Security, dashboarding (QuickSight/Tableau)

Requirements

  • Active Secret clearance required.
  • Experience / Education: 5 years relevant experience with BS/BA degree or 3 years with MS/MS or 1 year with PhD or 9 years w/o a degree or 7 years with AS/AA
  • Certifications: Mandatory: Must possess one of the following foundational certifications at the time of hire: CompTIA CySA+, CompTIA PenTest+, EC-Council Certified Ethical Hacker (CEH), GIAC Certified Intrusion Analyst (GCIA), or an equivalent intermediate-level certification as defined in the DoD 8140 Qualification.

Nice To Haves

  • Eligible for Top Secret/SCI clearance.
  • AWS certifications (e.g., AWS Solutions Architect, AWS Security Specialty) or equivalent cloud certifications.
  • Experience supporting large-scale government IT modernization programs.
  • Work location: Remote, with the ability to travel to the NCR when required.

Responsibilities

  • Supporting cloud security monitoring, log analysis, and reporting activities to provide continuous situational awareness and compliance visibility for MODES III cloud-hosted systems.
  • Supports monitoring and analysis of cloud security events, logs, and alerts across cloud-hosted environments to identify potential security issues and trends.
  • Assists with configuration, operation, and maintenance of security monitoring and reporting tools, ensuring accurate collection and correlation of security data.
  • Supports development and maintenance of security dashboards and recurring reports that communicate system security posture, trends, and findings to program and Government stakeholders.
  • Assists with validation and reconciliation of security data from multiple sources to ensure accuracy, completeness, and consistency of monitoring outputs.
  • Performs vulnerability scanning and assessment using tools such as ACAS/Nessus, analyzing scan results and coordinating remediation activities with system administrators and development teams.
  • Supports incident response and escalation procedures, including initial triage of security events, documentation of findings, and coordination with the Security Operations Center (SOC) and Government stakeholders.
  • Configures and maintains SIEM tools and log aggregation platforms (e.g., CloudWatch, Splunk, ELK Stack) to ensure comprehensive security event collection, correlation, and alerting across cloud environments.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

5,001-10,000 employees
