Cloud Vulnerability Remediation Engineer

closed
T-Rex Solutions, LLC Logo

T-Rex Solutions, LLC

πŸ’΅ $100k-$120k
πŸ“Remote - Worldwide

Summary

Join T-Rex Solutions as a Vulnerability Analyst supporting the US Department of the Treasury's TCloud development. You will be responsible for ensuring the security and integrity of cloud infrastructure across various platforms (AWS, Azure, OCI, GCP). This role demands expertise in identifying and remediating OS-level vulnerabilities, collaborating with cybersecurity teams, and maintaining security policies. A deep understanding of cloud services, OS vulnerabilities, and security best practices is crucial. You will also mentor junior engineers and stay updated on the latest security threats. The position requires a Bachelor's degree, 4+ years of experience, and US citizenship with the ability to obtain Public Trust clearance.

Requirements

  • Must be a US Citizen with the ability to obtain a Public Trust clearance
  • Bachelor’s degree in Computer Science, Information Technology, or related field and at least 4 years' experience
  • Experience in cloud engineering, with a focus on security and vulnerability management across AWS, Azure, OCI, and GCP
  • Proven experience in identifying and remediating OS-level vulnerabilities in both Linux and Windows environments with a strong understanding of STIG and CIS compliance requirements
  • Strong understanding of cloud security frameworks and best practices, including NIST, CIS, and ISO 27001
  • Proficiency in using security tools such as Nessus Tenable, ORCA Security, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools
  • Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets
  • Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks
  • Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment
  • Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical stakeholders

Responsibilities

  • Identify and remediate vulnerabilities in cloud infrastructure, with a specific focus on OS-level threats across multiple cloud platforms, including compliance with STIG and CIS benchmarks
  • Collaborate with the cybersecurity team to conduct regular security assessments, vulnerability scans, and penetration tests to identify potential weaknesses
  • Contribute to the development and maintenance of security policies, standards, and procedures for cloud infrastructure, working closely with the cybersecurity team
  • Work with development and operations teams to ensure secure deployment of applications, emphasizing secure configurations and OS-level hardening
  • Monitor security alerts and logs to detect and respond to potential security incidents across cloud environments
  • Stay up-to-date with the latest security threats, vulnerabilities, and technology trends relevant to cloud infrastructure and operating systems
  • Provide guidance and mentorship to junior engineers and team members on best practices for security and vulnerability management in cloud environments

Preferred Qualifications

  • Professional certifications such as AWS Certified Security - Specialty, Azure Security Engineer Associate, Google Professional Cloud Security Engineer, or equivalent
  • Active Treasury clearance preferred
  • Experience with Infrastructure as Code (IaC) tools such as Terraform or CloudFormation
  • Familiarity with DevSecOps practices and integrating security into CI/CD pipelines
  • Knowledge of container security and orchestration tools such as Docker and Kubernetes

Benefits

  • Competitive salaries
  • Performance bonuses
  • Training and educational reimbursement
  • Transamerica 401(k)
  • Cigna healthcare benefits
  • PTO available to use immediately upon joining (prorated based on start date)
  • Paid parental leave
  • Individual and family health, vision, and dental benefits
  • Annual budget for training, professional development and tuition reimbursement
  • A 401(k) plan with company match fully vested after 60 days of employment
This job is filled or no longer available