Job Description
Position Title: DHCF Cloud Security Engineer (726120)
Client: District of Columbia
Location: Washington, DC 20024 (Hybrid)
End Date: 09/30/2024 (With Possible extension to next fiscal year)
Short Description:
The DHCF Cloud Security engineer will provide a variety of security related engineering tasks in cloud environments that run DHCF applications.
The Cloud Security Engineer will collaborate with Department of Health Care Finance Chief Information Office to identify security vulnerabilities, design, and implement security solutions, monitor security systems, and respond to security incidents impacting DHCF on-premises and cloud hosted resources. The contractor shall provide subject matter expertise in the design, development and implementation of security best practices which includes, but is not limited to, network security, application security, access control, and security policy development.
Responsibilities:
Design, implement, and manage security solutions in cloud environments, ensuring the confidentiality, integrity, and availability of data.
Implement and maintain IAM solutions, including role-based access control (RBAC) and multi-factor authentication (MFA), to manage user identities and access privileges.
Ensure cloud environments comply with industry standards, regulatory requirements, and data protection laws (e.g., GDPR, HIPAA).
Conduct regular audits and assessments to verify compliance with security policies and standards.
Develop and maintain incident response plans, including procedures for identifying, containing, and mitigating security incidents in cloud environments.
Monitor Cloud Security systems and networks, analyze security alerts, and respond promptly to security incidents.
Collaborate with cloud architects to design secure and scalable cloud architectures, considering security best practices and principles.
Provide security guidance for cloud-based application development and deployment.
Implement vulnerability management program in cloud environments, including vulnerability scanning, risk assessment, and remediation efforts.
Collaborate with IT teams to prioritize and address identified vulnerabilities in cloud-based systems.
Qualifications:
Bachelor's degree in Computer Science, Information Technology, or related field.
10 years of experience.
Proven experience in designing and implementing Cloud Security solutions (AWS, Azure, or GCP).
Strong understanding of cloud-based technologies, including IaaS, PaaS, and SaaS models.
Knowledge of network security, encryption, authentication, and access control principles.
Experience with cloud compliance frameworks and security standards.
Excellent communication skills and the ability to work collaboratively in a team environment.
Deliverables:
Security assessment reports detailing identified vulnerabilities and recommended remediation strategies.
Documentation of implemented security measures and configurations.
Incident reports for security incidents, including analysis, containment, eradication, recovery, and lessons learned.
Create a detailed implementation plan outlining the steps and timeline for deploying security solutions, configuring firewalls, intrusion detection systems, and other security tools.
Integrate and configure security tools, such as SIEM (Security Information and Event Management) systems, intrusion detection systems, and vulnerability scanners, for continuous monitoring and threat detection.
Develop a comprehensive incident response plan outlining procedures for identifying, containing, eradicating, recovering from, and documenting security incidents. Conduct tabletop exercises to validate the plan.
Configure network security devices, including firewalls, routers, and switches, to enforce access controls, segmentation, and threat detection.
---------------------------------------------
CONTRACT JOB DESCRIPTION
Responsibilities:
1. Provides high-level architectural expertise to managers and technical staff.
2. Develops architectural products and deliverables for the enterprise and operational business lines.
3. Develops strategy of system and the design infrastructure necessary to support that strategy.
4. Advises on selection of technological purchases with regards to processing, data storage, data access, and applications development. Sets standards for the client/server relational database structure for the organization (Structured Query Language (SQL), Oracle, Sybase).
5. Advises of feasibility of potential future projects to management.
Minimum Education/Certification Requirements:
Bachelor's degree in Information Technology or related field or equivalent experience
Required/Desired Skills:
Skill
Required / Desired
Amount years of experience
Candidate Years of Experience
Short Description
Experience providing enterprise level Firewall operations and maintenance support.
Required
16
Network and Application Firewall Packet Filtering technologies
Required
5
Demonstrated experience with Cisco ASA firewalls, deployment and operations
Required
5
Prior experience personally rolling out and implementing new firewalls
Required
2
Demonstrated experience with Palo Alto appliances, deployment and operations
Required
5
Demonstrated experience with Check Point firewalls, deployment and operation
Required
5
Experience with Gigamon Network Visibility solutions
Highly desired
1
Troubleshooting, Scanning & Analysis tools
Required
5
Virtual Private Networking (VPNs) Technologies
Required
4
Bachelor of Science in Electrical Engineering, Computer Science, Information Technology, or equivalent data security and networking experience require
Required
4
16+ yrs as an Enterprise Architect
Required
16+ yrs building an IT system roadmap
Required
16+ yrs system diagramming/modeling using structured modeling language like UML
Highly desired
16 years of experience in Information technology
Highly desired
16