Job Description
As a Cloud Security Engineer, you will work within our growing DevSecOps practice delivering features to support developing, testing, and monitoring secure cloud architectures for cloud migration, cloud optimization and cloud deployment. We are looking for candidates with 3-5 years experience with cloud platform services, cybersecurity and DevOps practices such as infrastructure as code and confirmation management automation
- Identify and implement the most secure cloud-based solutions for the customer including components for zero-trust architectures, identity and access management policy, and data privacy.
- Understanding the needs of stakeholders and optimizing solutions that marry security with usability.
- Monitor cloud environments for suspicious activities with cloud native monitoring or SIEM solutions and investigate security incidents where appropriate.
- Examining infrastructure as code written by others and analyzing risk.
- Ensuring that systems are safe and secure against cybersecurity threats through risk assessment, threat modeling, and compliance with industry standards (e.g. NIST, ISO 27011, HIPPA, FISMA, etc.).
- Identifying technical problems, performing root cause analysis, and developing updates and ‘fixes’.
- Automate security processes such as vulnerability management and patch management.
- Working with software developers and DevSecOps engineers to ensure that development follows established security processes and works as intended.
- Support?enterprise cloud security through?infrastructure as code including any activities around automated server or network configurations, large-scale software deployments, and monitoring and testing.
- Ensure effective design and implementation of data protection and encryption mechanisms for data at rest and in transit.
- Document as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations.?
- Identify, analyze, and resolve infrastructure vulnerabilities and application deployment issues.
- Act as an individual contributor and mentor more junior team members.
- Engineer and implement solutions and provide recommendations for continuous improvement for the services provided.
- Present regular status updates and provide cross training to other team members.
Required:
- Ability to obtain a U.S. government Security Clearance
- BS Degree in an IT field OR BS in a non-IT field and 2 years related IT experience
- 5+ years of total experience
- 3 Years of Experience architecting, designing, developing, and implementing cloud solutions
- 3 Years of Experience with one or more clouds (i.e. AWS, Azure, or GCP)
- 3 Years of Experience with Git SCM providers such as GitHub, GitLab, Bitbucket
- 3 Years of Experience with systems development in an Agile environment
- 3 Years of Experience implementing infrastructure as code and orchestration
- 3 Years of Experience providing conducting monitoring, risk assessment, threat modeling and security testing in cloud environments
- 3 Years of Experience documenting POAMs, SSPs, and A&A support documentation
- Experience with Azure and AWS
Preferred:
- Certifications:
- AWS Certified Security Specialty
- AWS Certified Solution Solution Architect Associate
- Microsoft Certified Azure Administrator Associate
- Certified Information Systems Security Professional (CISSP)
- Excellent written and verbal communication skills, interpersonal and collaborative skills
- Experience with documenting an as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations preferred
- Experience with scripting in Concourse, Bash, PowerShell, Python, Groovy, or Ruby
- Experience with automation tools, including Pivotal, Chef, Terraform, CloudFormation, or Ansible
