Senior Cloud Security Engineer

About The Position

Requirements

• Ability to obtain a U.S. government Security Clearance
• Bachelor’s Degree in an IT-related field
• 7+ years of experience architecting, designing, developing, and implementing cloud solutions
• 5+ years of experience with one or more clouds (i.e. AWS, Azure, or GCP)
• 5+ years of experience with Git SCM providers such as GitHub, GitLab, Bitbucket
• 7+ years of experience supporting systems development within an Agile environment
• 5+ years of experience implementing infrastructure as code and orchestration
• 5+ years of experience conducting monitoring, risk assessment, threat modeling, and security testing in cloud environments
• 5+ years of experience documenting POA&M, SSP, and A&A support documentation

Nice To Haves

• AWS Certified Security – Specialty
• AWS Certified Solution Architect – Associate
• Microsoft Certified: Azure Administrator Associate
• Certified Information Systems Security Professional (CISSP)
• Excellent written and verbal communication skills, interpersonal, and collaborative skills
• Experience with documenting an as-is state of the environment, performing a gap analysis, and producing artifacts that articulate options and recommendations
• Experience with scripting in languages such as Bash, PowerShell, Python, Groovy, or Ruby
• Experience with automation tools, including Pivotal, Chef, Terraform, CloudFormation, or Ansible

Responsibilities

• Identify and implement the most secure cloud-based solutions for the customer including components for zero-trust architectures, identity and access management policy, and data privacy
• Understand the needs of stakeholders and optimize solutions that marry security with usability
• Monitor cloud environments for suspicious activities with cloud native monitoring or SIEM solutions and investigate security incidents where appropriate
• Examine infrastructure as code written by others and analyzing risk
• Ensure that systems are safe and secure against cybersecurity threats through risk assessment, threat modeling, and compliance with industry standards (e.g. NIST, ISO 27011, HIPPA, FISMA, etc.)
• Identify technical problems, perform root cause analysis, and develop updates and ‘fixes’
• Automate security processes such as vulnerability management and patch management
• Work with software developers and DevSecOps engineers to ensure that development follows established security processes and works as intended
• Support enterprise cloud security through infrastructure as code including any activities around automated server or network configurations, large-scale software deployments, and monitoring and testing
• Ensure effective design and implementation of data protection and encryption mechanisms for data at rest and in transit
• Document as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations
• Identify, analyze, and resolve infrastructure vulnerabilities and application deployment issues
• Act as an individual contributor and mentor more junior team members
• Engineer and implement solutions and provide recommendations for continuous improvement for the services provided
• Present regular status updates and provide cross training to other team members