Cloud Infrastructure Engineer

Summary

Join Coalfire's highly-collaborative engineering team and serve as a cloud SME, leveraging your expertise in AWS, Azure, or GCP to design, architect, and deploy secure cloud solutions for clients. Partner with leading CSPs and enterprises to achieve security goals and drive digital transformation. Design and implement security tooling solutions, develop client cloud strategies, and perform cloud configuration reviews. Coordinate with clients and team members to implement defense-in-depth security techniques. Design and implement secure enterprise infrastructure using Infrastructure-as-Code. Work across various technology stacks and support the security assessment and authorization process. Author and peer-review detailed design documentation. Coalfire offers a flexible work model, prioritizing connection and wellbeing, and provides competitive perks and benefits.

Requirements

• 3+ years of directly relevant systems engineering and architecture experience including requirements definition, architecture development, development of use cases and stories, and systems integration & test
• 3+ years of experience supporting cloud architecture, design, implementation, operations and automation in AWS, Azure or GCP
• 3+ years of experience with Infrastructure-as-Code and orchestration/automation tools such as Terraform and Ansible
• Strong experience with AWS, Azure, or GCP platform capabilities and services (Cloud Architect, Cloud DevOps Engineer, or Cloud Security Engineer)
• Experience working within technical teams of 3+ individuals in an Agile environment
• Excellent communication, organizational, and problem-solving skills
• Effective documentation skills, including technical diagrams and written descriptions
• Ability to work independently and as part of a team with a professional attitude and demeanor
• Critical thinking, and ability to balance security requirements with mission needs
• Ability to work quickly, efficiently, and accurately in a dynamic and fluid environment
• BS or above in related Information Technology field or equivalent combination of education and experience

Responsibilities

• Become a member of a highly-collaborative engineering team offering a unique blend of engineering solutions
• Serve as the cloud SME to clients within design, architecture, and deployment engagements in the AWS, Azure, or GCP space using automated orchestration and configuration management techniques
• Perform as a partner with leading Cloud Service Providers (CSPs) and enterprises to meet security goals and pave the way for digital transformation and modernization
• Design and implement security tooling solutions such as Tenable, Trend Micro, AquaSec, Microsoft Defender, Burp Suite and others
• Engage in developing client cloud and security strategies, vision-state architectures, roadmaps, and planning activities
• Engage with clients to perform cloud configuration and maturity reviews
• Coordinate with clients and team members to identify the right balance of defense-in-depth techniques to translate customer’s goals into a secure and effective solution
• Engage in designing and implementing secure and compliant enterprise servers, network infrastructure, boundary protection, and cloud architectures using Infrastructure-as-Code
• Work across a myriad of technology stacks in the leading cloud providers like AWS, Azure, and GCP, researching how to understand and utilize native services in deployments
• Provide support to the security assessment and authorization process
• Authoring and peer review of detailed design documentation, including security documentation and inclusive of vendor best practices

Preferred Qualifications

• Previous experience supporting clients from within a professional services organization
• Project management experience for individual and team projects(ability to track detailed tasks and ensure timely delivery)
• Experience automating workflows in GitLab/GitHub with Terraform and Ansible
• Expertise with serverless, microservices, and other modern application architectures
• Familiarity with configuration baseline standards such as CIS Benchmarks & DISA STIG
• Proven expertise in the implementation of encryption technologies (SSL, encryption, PKI)
• Familiarity with frameworks such as FedRAMP, FISMA, HIPAA, HITRUST, PCI, etc
• CISSP, CISM, or CISA certifications

Benefits

• Paid parental leave
• Flexible time off
• Certification and training reimbursement
• Digital mental health and wellbeing support membership
• Comprehensive insurance options