Cloud Security Specialist (AWS) - 26-04669

About The Position

Requirements

• Minimum of 5 years hands-on experience with AWS security, including cloud architecture and risk management.
• Proven expertise in implementing secure AWS cloud architectures aligned with industry best security practices and frameworks.
• Demonstrated experience with federal cybersecurity requirements, including NIST Cybersecurity Framework, OMB Memorandum M-22-09, and NIST SP 800-53.
• Strong understanding of IAM, network security, zero trust architecture, data loss protection, and DevSecOps practices.
• Expertise in AWS cloud security, security engineering, and Infrastructure-as-Code (IaC) tools.
• Familiarity with scripting for security orchestration and automation.
• Ability to perform detailed security assessments and remediate issues promptly.
• Strong analytical and problem-solving abilities to address complex security challenges.
• Excellent communication skills to engage with team members, stakeholders, and leadership.
• Ability to work independently, taking ownership of tasks and maintaining attention to detail.

Nice To Haves

• AWS Certified Security – Specialty (strongly preferred).
• AWS Certified Solutions Architect – Professional or Associate.

Responsibilities

• Conduct regular security reviews of cloud infrastructure deployed by engineering teams, ensuring compliance with security standards.
• Evaluate Infrastructure-as-Code (IaC) for security vulnerabilities and ensure that all cloud resources adhere to best security practices.
• Review and validate adherence to the AWS Well-Architected Framework security pillar, ensuring that cloud environments are architected securely and aligned with AWS best practices.
• Assess compliance with security policies and frameworks, including federal cybersecurity requirements (e.g., NIST Cybersecurity Framework, NIST SP 800-53, OMB Memorandum M-22-09).
• Identify, document, and remediate security misconfigurations and non-compliant controls.
• Develop and maintain security posture dashboards for monitoring security status across cloud environments.
• Create and update security configuration guides and playbooks for AWS environments.
• Provide technical consultation to engineering teams on implementing secure cloud solutions and best security practices.
• Offer guidance on security engineering tasks, including security hardening, risk mitigation, and securing cloud infrastructure.
• Assist in developing and updating AWS security configuration standards to enforce consistency across environments.
• Conduct security training sessions for engineering teams to ensure knowledge transfer and awareness of best security practices.
• Present security findings and recommendations to leadership and engineering teams, ensuring transparency on security posture and improvement areas.
• Identify opportunities to automate security assessments using DevSecOps tools and techniques to increase efficiency and reduce manual oversight.
• Recommend and implement security tooling improvements for cloud security operations.