Senior Cloud Cybersecurity Engineer

About The Position

Requirements

• Active or current Top Secret with SCI eligibility and the ability to obtain Polygraph
• Bachelor’s degree in Cybersecurity, Computer Science, Information Assurance, Engineering, or related technical discipline and 12-15 years of relevant experience OR Master’s degree with 10-13 years of relevant experience. Additional years of experience may be considered in lieu of a degree.
• ISSO experience must be supplemented with demonstrated technical expertise.
• At least one DoD 8570.01-M IAT or IAM Level II or higher certification e.g., CCNA Security, CySA+, Security+ CE, CISSP (or Associate) and the ability to obtain Privileged User Account (PUA)/elevated access per DoD 8570 policy
• Hands-on experience with Linux operating systems and scripting languages such as Bash, Python, Perl or similar
• Experience with Commercial Cloud Services (C2S) and cloud-based enterprise services, preferably AWS
• Experience securing software applications and infrastructure by implementing security controls
• Experience supporting RMF processes such as authorization and continuous monitoring
• Experience with NIST SP 800-37, SP 800-53 Rev4 or Rev5, CNSSI 1253, and applicable DoDI publications
• Experience implementing and validating STIG compliance across operating system, database, server, and application tiers
• Experience with RMF/GRC platforms such as Xacta or eMASS
• Experience with performing compliance & vulnerability scans and related security tools for SIEM & event management, SAST, DAST
• Demonstrated understanding of unique security threats in the cloud and the required corresponding system security posture
• Demonstrated understanding of how to secure Kubernetes platforms and integrate security into CI/CD pipelines, containers, and platform orchestration tools.

Nice To Haves

• Active TS/SCI with polygraph
• Experience supporting the Intelligence Community in RMF activities with ICD 503 and related compliance directives, policies, procedures
• Multiple IAT/IAM II or III advanced certifications such as: CISSP-ISSAP/ISSEP CISM CCSP Security X/CASP+
• Cloud certifications such as: AWS Solutions Architect AWS Security Specialty
• Kubernetes and Cloud Native Associate (KCNA) Certified Kubernetes Administrator (CKA) Certified Kubernetes Security Specialist (CKS)
• Linux certifications such as: Linux+ Red Hat Certified System Administrator - Enterprise Linux (RHCSA) Red Hat Certified Engineer - Enterprise Linux (RHCE) Red Hat Certified Architect - Enterprise Linux (RHCA)
• Prior network engineering experience with encryption and transport in the cloud
• Experience applying DoW Zero Trust framework
• Experience applying security controls to various AI implementations
• Understanding of secure software development practices and code reviews in Agile and DevSecOps environments

Responsibilities

• Collect, review, assess, and provide feedback on system cybersecurity, architecture, and engineering artifacts
• Collect, review, assess, and provide feedback on system cybersecurity Body-of-Evidence (BOE) results required to support DoD & IC RMF cybersecurity authorization processes
• Conduct periodic compliance scanning, vulnerability assessments, and risk analysis for cloud-based systems
• Implement and manage security controls for containerized applications and the underlying cloud-based infrastructure
• Collaborate with DevSecOps, infrastructure, and software development teams to ensure secure coding and engineering practices
• Ensure integration of security measures into software development processes, CI/CD pipelines, and engineering tools
• Develop, maintain, and execute shell commands, scripts, and automation code for STIG compliance and validation
• Implement and manage continuous monitoring solutions of cloud-based architectures
• Support Government cybersecurity officials & program personnel in preparing cybersecurity packages, including Interim Authority to Test (IATT) packages, Authority to Operate (ATO) packages, and Change Requests (CRs)
• Stay current with emerging cloud security threats, technologies, and best practices

Benefits

• Paid Time Off
• 11 paid Holidays
• 401K with a 6% company match and immediate vesting
• Flexible Schedules
• Discounted Stock Purchase Plans
• Technical Upskilling
• Education and Training Support
• Parental Paid Leave
• Health and Wellness programs
• Income Protection
• Paid Leave
• Retirement