Computer World Services Corp. (CWS) · 1 day ago
Cloud Security Engineer (AWS)
Computer · Information Technology
Senior Management · No H1B · U.S. Citizen Only · Security Clearance Required
Responsibilities
Implement security measures and ensure compliance with industry standards.
Monitor and optimize cloud performance, including incident recovery processes.
Utilize tools such as Splunk for Security Information and Event Management (SIEM) monitoring, analysis, logging and reporting
Review, analyze and report AWS GuardDuty alerts
Ensures secure development processes are implemented and maintained.
Collaborate with development teams to integrate applications with cloud services.
Identifies and defines computer system security requirements in coordination with DevOps teams.
Defines and implements computer security architecture and detailed cybersecurity strategies.
Develops technical solutions and utilizes security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Conducts and supports investigations related to security incidents involving technology (i.e. email, endpoint, applications, and data breaches).
Consults on IT security and compliance initiatives to ensure DevSecOps practices are well-defined and predictably executed.
Support risk mitigation activities such as Assessment and Authorization (A&A), continuous monitoring, and vulnerability and configuration management.
Integrate with and support a team of subject matter experts, in a highly agile environment, to implement best in class cloud solutions by leveraging a variety of automation, instance and/or container, orchestration, security, and native/non-native cloud services
Work with cloud team to architect, design, implement and maintain cloud solutions and new capabilities in AWS.
Developing deliverables associated with FISMA security package including but not limited to: System Security Plan, Contingency Plan, Incident Response Plan and Continuous Monitoring Plan
Work to complete ATO packages compliant with NIST SP 800-37 and SP 800-53 guidelines
Adhere to NIST Risk Management Framework to support analyzing development of supporting policies, procedure and plans and for the implementation of security controls and analyzing corrective action plans
Work with the System Owners, ISSOs and other stakeholders to complete assessment reports
Analyze IT security events to distinguish events that qualify as security incidents as opposed to non-incidents
Maintain working knowledge of network communications, routing protocols and common internet applications/standards
Qualification
Required
Bachelor’s Degree or higher and 10 years of related experience
Expert knowledge of the following areas is required:
AWS
Review, analyze and/or report on tasks relating to the following AWS services: Management Console, GuardDuty, EC2, VPC, CloudTrail, Secrets Manager, Systems Manager, etc.
Monitor AWS resources, implement security protocols, and address performance bottlenecks.
Collaborate with development teams to integrate applications with cloud services
Work with cloud team to architect, design, implement and maintain cloud solutions and new capabilities in AWS.
Vulnerability Management
Ability to perform Tenable Nessus SC scans, parse/analyze/report results for vulnerability remediation.
Familiar with the Continuous Diagnostics and Mitigation (CDM) Dashboard.
Hardware/software security implementation, Different communication protocols, Encryption techniques/tools.
Familiarity with commercial products, and current Internet/mobile technology.
Change Request (CR) Security Reviews
Assessing CRs from a technical security perspective in conjunction with review boards to ensure changes do not introduce new security concerns.
Providing weekly/monthly updates to the tracking repository to maintain historical information, running totals and reporting results to the client.
Risk Management
Must demonstrate an understanding of business security practices and procedures and familiarity
Identify and analyze potential threat activity
Harden the configuration of devices and networks utilizing DOD Best Practices
Identify and report unresolved security exposures with mainstream risks associated with commercial products and current Internet/EC technology.
Documentation
Developing and maintaining documentation for security systems and procedures
Experience in developing System Security Plan, Contingency Plan, Incident Response Plan and Continuous Monitoring Plan
Certification and Accreditation (C&A) - Security Authorization
Ability to support C&A, continuous diagnostics and mitigation and related initiatives.
Experience creating and resolving POA&Ms
Familiar with Cyber Security Assessment & Management (CSAM)
Preferred
Experience with native CI/CD tools such as CodeCommit, CodeDeploy, CodePipeline, etc.
Scripting skills (Python, Ruby, Perl, Bash, PowerShell, etc.)
Strong knowledge and experience with virtual desktop interfaces.
Proficiency with Cloud networking and troubleshooting Cloud networking environments (IP networking, VPNs, DNS, load balancing, firewalls, NAT, SSL/TLS, etc.)
SIEM tools (e.g. ArcSight, Splunk, etc.)
Amazon Web Services (AWS) including Management Console, GuardDuty, EC2, IAM, VPC, S3, RDS, ECR, CloudTrail, Secrets Manager, Key Management Services, etc.
Vulnerability Management/Analysis/Reporting using Tenable Nessus SC
Enterprise security strategy, AWS cloud security and cloud computing terminology, Risk Assessments
Firewall Devices/Platforms (e.g., Palo Alto, Cisco ASP)
Firewall Rule Reviews and Rule Analysis
Cyber Security Assessment & Management (CSAM)
Information Assurance Compliance System (IACS)
OpenShift
Relevant commercial certifications desired (Security+, CISSP)
Candidate must be a US Citizen, possess DHS Suitability background investigation or be eligible to qualify for DHS Entry of Duty background investigation followed by DHS Public Trust Clearance