We are seeking talented and motivated Cloud Security Engineers to support development teams in the design and implementation of secure cloud-based digital platforms. As an integral member of the Monitoring and Compliance Team, you will help maintain and enhance the overall enterprise security posture which includes the protection of the agency's most sensitive data. Responsibilities include providing regular reviews and input to the agency's AWS Well-Architected Framework.
- Applying Security-as-Code principles across the board to improve security of the client's product suite & provide training, mentoring, and best practices to the teams.
- Leading the development of an automated framework for Security Tool deployment and development, leveraging various scripting languages and open source solutions
- Responding swiftly to new and emerging security threats and vulnerabilities, investigate suspected attacks and help manage security incidents including providing post-mortem analysis, identify causes, develop solutions and preventive measures.
- Managing the development, refresh and implementation of security policies, standards, guidelines and procedures
- Designing, building and maintaining real-time security event alerting systems utilizing Python and AWS core services (i.e., SQS, Lambda, EC2, and SNS).
- Automating security IA processes to reduce as much manual intervention as possible
- Building the integration framework between various alerting, metrics, and logging systems
- 8 years of experience or it may be substituted with the following;
- 6 years of experience and an Associate's Degree
- Familiarity w/ AWS' Well-Architected Framework's
- Familiarity w/ 5 Cloud Security practice areas
- Experience with AWS (or other similar CSPs) core services and security controls
- Network architecture/design, O&M, technologies, tools, and security concepts.
- Maintaining and configuring Security Groups, ACLs, VPNs, bastion hosts, etc.
- Developing and maintaining clean, readable, and maintainable code/scripts (using Python, Powershell, Bash, etc)
- Strong demonstrated experience with automation, instrumentation, log collection, and analysis
- Splunk Dashboard creation
Active Top Secret Security Clearance with TS/SCI eligibility