Computerworld · 1 day ago
Cloud Security Engineer (AWS)
Information Technology · News
Senior Management · No H1B · U.S. Citizen Only · Security Clearance Required
Responsibilities
Implement security measures and ensure compliance with industry standards.
Monitor and optimize cloud performance, including incident recovery processes.
Utilize tools such as Splunk for Security Information and Event Management (SIEM) monitoring, analysis, logging and reporting
Review, analyze and report AWS GuardDuty alerts
Ensures secure development processes are implemented and maintained.
Collaborate with development teams to integrate applications with cloud services.
Identifies and defines computer system security requirements in coordination with DevOps teams.
Defines and implements computer security architecture and detailed cybersecurity strategies.
Develops technical solutions and utilizes security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Conducts and supports investigations related to security incidents involving technology (i.e. email, endpoint, applications, and data breaches).
Consults on IT security and compliance initiatives to ensure DevSecOps practices are well-defined and predictably executed.
Support risk mitigation activities such as Assessment and Authorization (A&A), continuous monitoring, and vulnerability and configuration management.
Integrate with and support a team of subject matter experts, in a highly agile environment, to implement best in class cloud solutions by leveraging a variety of automation, instance and/or container, orchestration, security, and native/non-native cloud services
Work with cloud team to architect, design, implement and maintain cloud solutions and new capabilities in AWS.
Developing deliverables associated with FISMA security package including but not limited to: System Security Plan, Contingency Plan, Incident Response Plan and Continuous Monitoring Plan
Work to complete ATO packages compliant with NIST SP 800-37 and SP 800-53 guidelines
Adhere to NIST Risk Management Framework to support analyzing development of supporting policies, procedure and plans and for the implementation of security controls and analyzing corrective action plans
Work with the System Owners, ISSOs and other stakeholders to complete assessment reports
Analyze IT security events to distinguish events that qualify as security incidents as opposed to non-incidents
Maintain working knowledge of network communications, routing protocols and common internet applications/standards
Qualification
Required
Bachelor’s Degree or higher and 10 years of related experience
Expert knowledge of AWS services: Management Console, GuardDuty, EC2, VPC, CloudTrail, Secrets Manager, Systems Manager, etc.
Ability to perform Tenable Nessus SC scans, parse/analyze/report results for vulnerability remediation.
Familiar with the Continuous Diagnostics and Mitigation (CDM) Dashboard.
Familiarity with commercial products, and current Internet/mobile technology.
Assessing Change Requests (CRs) from a technical security perspective.
Understanding of business security practices and procedures.
Harden the configuration of devices and networks utilizing DOD Best Practices.
Developing and maintaining documentation for security systems and procedures.
Ability to support Certification and Accreditation (C&A), continuous diagnostics and mitigation and related initiatives.
Experience creating and resolving POA&Ms.
Familiar with Cyber Security Assessment & Management (CSAM).
Preferred
Experience with native CI/CD tools such as CodeCommit, CodeDeploy, CodePipeline, etc.
Scripting skills (Python, Ruby, Perl, Bash, PowerShell, etc.)
Strong knowledge and experience with virtual desktop interfaces.
Proficiency with Cloud networking and troubleshooting Cloud networking environments (IP networking, VPNs, DNS, load balancing, firewalls, NAT, SSL/TLS, etc.)
SIEM tools (e.g. ArcSight, Splunk, etc.)
Amazon Web Services (AWS) including Management Console, GuardDuty, EC2, IAM, VPC, S3, RDS, ECR, CloudTrail, Secrets Manager, Key Management Services, etc.
Vulnerability Management/Analysis/Reporting using Tenable Nessus SC.
Enterprise security strategy, AWS cloud security and cloud computing terminology, Risk Assessments.
Firewall Devices/Platforms (e.g., Palo Alto, Cisco ASP).
Firewall Rule Reviews and Rule Analysis.
Cyber Security Assessment & Management (CSAM).
Information Assurance Compliance System (IACS).
OpenShift.
Relevant commercial certifications desired (Security+, CISSP).
Candidate must be a US Citizen, possess DHS Suitability background investigation or be eligible to qualify for DHS Entry of Duty background investigation followed by DHS Public Trust Clearance.