Cloud Security Engineer

CLOUD SECURITY ENGINEER

LOCATION: Springfield, VA or St. Louis, MO (very high chance of offsite support)

CLEARANCE LEVEL: TS/SCI w/CI Poly

RESPONSIBILITIES:

• assist with the development and implementation for Cloud Security architectures for protecting PCI/PII/PHI data deployed into various cloud (AWS, Azure, GCP) and hybrid systems.
• contribute to the implementation of global security for the enterprise and support the Cloud Security architecture.
• support the Cloud Security Architect in the development of security controls, mentoring others in technical security concepts, and ensuring secure cloud practices are followed.
• maintaining the controls that enable the client to operate expertly while maintaining compliance standards.
• assist with interpreting, understanding, and applying information security policies and standards to mitigate information security risks.
• develop positive partnerships and work closely with other members of the in a coordinated and focused manner.
  
• Creating cloud-based infrastructure and programs including implementing identity and access management and configuring cloud environments securely
• Monitoring for and responding to incidents in the cloud environment
• Keeping cloud infrastructure current, making recommendations, and continually improving Cloud Security technologies
• Analyzing, designing, and developing programs, shell scripts, tests, and infrastructure automation capabilities
• Working with analysts, engineers, and data scientists across the organization to continually improve security resilience
• Evaluate and respond to alerts and events from the security tools, including tuning of tool configuration to minimize false positives, development of event response documentation and processes for Security Operations Center response to follow for event actions, and escalating to appropriate teams for event response
• Work with the Cloud Operations teams in the definition and implementation of security standards and best practices
• Develop and maintain documentation and diagrams for security tools, system environments, and cloud operations
• Collaborate with Product Managers, Platform Leads, and Information Security teams, to design and implement Cloud Security solutions
• Work within a DevSecOps model so that security is automated and elastic across all cloud platforms
• Discover, remediate, and validate security issues across cloud infrastructure per industry and client standard information security policies
• Build, deploy, and manage production security tools and services to monitor networks, endpoints, and cloud workloads
• Responsible for deploying, configuring, and maintaining security baselines within Microsoft Azure or Amazon Web Services or Google Cloud Platform cloud environments
• Provides oversight over the implementation of approved security architecture/policies/procedures
• Initiate and conduct project security reviews to identify cloud infrastructure security risks.
• Reviews and oversees the implementation of approved recommendations on Cloud Security design and implementation
• Implement core and cloud infrastructure security to manage risks and exposure
• Continuously evaluate the organization's existing application security practices, help to define, standardize, and measure security-related activities, and demonstrate concrete improvements to the application assurance program within the organization
• Monitor information systems for security incidents and vulnerabilities. This includes developing monitoring and visibility capabilities as well as reporting on incidents, vulnerabilities, and trends
• Respond to information system security incidents, including the investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches

KNOWLEDGE AND SKILLS:

• Proven ability to communicate technical issues to technical and non-technical audience
• Advanced knowledge of cloud technologies
• Scripting languages like Python, Ruby-on-Rails, JavaScript, building and consuming Application Program Interfaces (APIs)/micro-services
• Working proficiency with work tracking systems such as JIRA, Workfront, Pivotal.
• Detailed understanding of cloud and network security
• Fluency in one or more programming or scripting languages
• Knowledge of networking and web protocols (TCP/IP, HTTP, TLS, REST), and the ability to analyze traffic to find anomalies
• Understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.
• Designing and advising against security requirements to support cloud migration efforts.
• Strong knowledge of industry trends in security technology
• Possess a solid understanding and have experience with systems automation platforms and technologies
• Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing such as GDPR, ISO 27001, Cloud Security Alliance, NIST 800-53, NIST RMF, PCI DSS, SOC2 and FedRamp
• Problem solving skills to solve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity

EDUCATION AND EXPERIENCE:

• Bachelor's degree and 8 years' experience or
• Master's degree and 6 years' experience
• Relevant cloud certification(s) such as AWS Security Specialty, Azure Security Engineer, Google Cloud Security Engineer, Certified Kubernetes Security Specialist, CISSP, CCSP, SANS GIAC or similar qualifications
• 8 years' experience in Security Engineering
• 4 years' experience with Cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP)
• 7+ years' experience working in an information security discipline
• 3+ years' experience deploying services on public cloud infrastructure
• 3+ years' experience in security management tools
• Experience with Puppet, Jenkins, Ansible
• Experience with the development, deployment, and automation of security solutions in large enterprise environments to connect to cloud solutions such as AWS/Azure/GCP while maintaining secure operations
• Experience deploying and customizing security tools to address threats and lower risk: vulnerability scanners, static analyzers, web application firewalls, IDS/IPS, endpoint security monitoring, etc
• Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, CloudFormation, Terraform, Ansible)
• Experience using CI/CD pipelines to perform automated security testing and change management
• Experience with enterprise applications (architecture, development, support, and troubleshooting)
• Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments
• Experience working with Cloud Security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
• Experience and exposure to threat modeling and design reviews to assess security implications and requirements for the introduction of new technologies
• Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions
• Experience with enterprise architecture and working as part of a cross-functional team to implement solutions

Plus3 IT Systems is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, contact hr@plus3it.com [include name and/or department, telephone, and e-mail address].

The health and safety of our employees and their families is a top priority. With the continuing impacts of COVID-19 around the world, we are taking action to protect the health and well-being of our colleagues and maintain the safety of the communities where we operate. As a federal contractor, we are required to stay in compliance with Executive Order 14042 with the most up to date information provided at the following link (https://www.saferfederalworkforce.gov/contractors/).

Pay Transparency Notice: Executive Order 11246 requires government contractors to notify applicants and employees of their rights, subject to certain limitations, to discuss, disclose or inquire about compensation or compensation information. Plus3 IT Systems will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge; (b) in furtherance of an investigation, proceeding, hearing or action, including an investigation conducted by the employer; or (c) consistent with Plus3 IT Systems' legal duty to furnish information.