Security Cloud Engineer

Summary

Join our team as a Security Cloud Engineer and play a crucial role in enhancing and managing our organization's cybersecurity posture. This 12+ month contract position in Washington, DC (remote) requires a qualified and experienced professional to safeguard sensitive data, ensure compliance, and strengthen our security framework. You will assess, implement, and maintain security measures to protect our digital assets and information. The ideal candidate will possess in-depth knowledge of cloud security best practices and hands-on experience with various cloud security tools and services. This role demands strong analytical and problem-solving skills, as well as the ability to develop and implement effective security solutions and training programs.

Requirements

• Possess in-depth knowledge of cloud security best practices, principles, and technologies, including IAM, encryption, network security, container security, and serverless security
• Have hands-on experience with cloud security tools and services such as AWS Security Hub, AWS native security services, cloudtrail, guard duty, security groups, cloudwatch
• Have a strong understanding of security compliance requirements and frameworks (e.g., GDPR, HIPAA, SOC 2, ISO 27001) and experience implementing controls and measures to achieve compliance
• Be proficient in scripting and automation for security automation and orchestration
• Possess excellent analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions
• Have a minimum of 15 years of experience working in the field of Cloud cybersecurity
• Have knowledge of federal and industry-specific regulations and compliance requirements related to cybersecurity (e.g., FISMA, HIPAA, GDPR)
• Have experience in preparing for and participating in security audits and assessments for Cloud environments
• Have expertise in AWS network security, including AWS firewalls
• Be proficient in security technologies such as SIEM (Security Information and Event Management) systems and endpoint protection solutions for AWS
• Have a demonstrated ability to develop and implement security policies, procedures, and standards
• Have a strong understanding of AWS cloud security principles and best practices
• Have 16+ years developing, leading, and executing information security incident response plans
• Have 16+ years developing standard and complex IT solutions & services, driven by business requirements and industry standards
• Have a BS Degree in IT, Cybersecurity, Engineering, or equivalent experience

Responsibilities

• Identify security vulnerabilities
• Design and implement security solutions
• Monitor security systems
• Respond to security incidents impacting client on-premises and cloud hosted resources
• Provide subject matter expertise in the design, development and implementation of security best practices which includes, but is not limited to, network security, application security, access control, and security policy development
• Review the design and implement secure AWS cloud architecture solutions, including VPC configurations, security groups, IAM policies, encryption mechanisms, and logging and monitoring for the AWS cloud environment
• Conduct vulnerability assessments and penetration testing on AWS infrastructure and applications
• Develop and implement remediation plans to address security vulnerabilities and weaknesses
• Provide security training and guidance to AWS users, developers, and administrators to promote a culture of security awareness and compliance within the organization
• Implement, administer and operate information security technologies such as firewalls, IDS/IPS, SIEM, Antivirus, network traffic analyzers and malware analysis tools
• Utilize advanced experience with scripting and tool automation such as Perl, PowerShell, Regex
• Develop, lead, and execute information security incident response plans
• Develop standard and complex IT solutions & services, driven by business requirements and industry standards
• Leverage dynamic and static code assessment tools to measure vulnerability of applications throughout the SDLC

Preferred Qualifications

Have a Masters Degree in Engineering or Computer Science