Information Security Engineer

About The Position

Requirements

• U.S. Citizenship
• Must have an active TS/SCI clearance
• Must be able to obtain DHS Suitability
• 5+ years of experience in information security, preferably in cloud environments
• Strong knowledge of AWS security services and best practices
• Experience with security monitoring and SIEM tools
• Understanding of encryption, PKI, and data protection technologies
• Knowledge of federal security compliance requirements (FISMA, FedRAMP, NIST 800-53)
• Experience with AWS EC2/S3/VPC deployment and configuration, Cloudtrail, Cloudwatch, AWS Security Hub
• Experience with Nmap, Nessus, Splunk Administration/Configuration
• Linux/Unix System Administration (Alma9, RHEL, CentOS, Ubuntu from most to least)
• Experience/knowledge with NIST, STIG, ATO, SOC, or system hardening experience
• Experience with vulnerability management and penetration testing
• Strong understanding of network security principles
• Experience with security automation and scripting
• Relevant security certifications (CISSP, Security+, CCSP, or similar)

Nice To Haves

• Experience supporting incident response or threat hunting operations
• Knowledge of container and Kubernetes security
• Experience with infrastructure-as-code security scanning
• Familiarity with STIG implementation and compliance automation
• Background in forensics or malware analysis
• Experience with cloud security posture management tools
• Knowledge of DevSecOps practices and tools
• AWS Certified Security – Specialty
• DoD 8140 IAT Level 3

Responsibilities

• Implement and maintain security controls for cloud engagement infrastructure
• Enforce encryption standards (TLS 1.2/1.3) and hardened cloud configurations
• Conduct continuous security monitoring and threat detection
• Manage vulnerability assessment and remediation processes
• Implement namespace obfuscation and data protection measures
• Ensure compliance with federal security frameworks (NIST, FedRAMP, etc.)
• Conduct security reviews of engagement kit configurations and deployments
• Coordinate incident response activities related to security events
• Develop and maintain security documentation and standard operating procedures
• Perform security assessments of third-party cloud services and dependencies
• Implement and manage identity and access management controls
• Monitor for and respond to potential security incidents or anomalies
• Support security aspects of engagement kit decommissioning and data sanitization
• Provide security guidance and training to operations teams

Benefits

• Collaboration and teamwork opportunities
• Opportunity to work alongside talented individuals passionate about their work
• Leverage collective expertise to drive innovation, solve complex problems, and deliver exceptional results for clients
• Support the nation's cybersecurity defenders
• Ensure reliable, scalable, and secure cloud infrastructure is available within hours of a cyber incident
• Protect America's digital infrastructure when it matters most