Mid-Level Cloud Engineer - Secret Cleared, On-Site jobs in United States
cer-icon
Apply on Employer Site
company-logo

Stories of Tomorrow · 1 month ago

Mid-Level Cloud Engineer - Secret Cleared, On-Site

positionLeesburg, VA
timeFull-time
remoteOnsite
seniorityEntry, Mid Level
date2+ years exp

Stories of Tomorrow is a company in the Federal Government Contracting industry, seeking a Mid-Level Cloud Engineer. The role involves working closely with application teams and security engineering staff to analyze and remediate vulnerabilities in cloud environments, ensuring secure configurations and compliance with organizational policies.

Publishing
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Act as the primary technical advisor for remediation of vulnerabilities surfaced through Wiz Cloud, Wiz Defend, and Wiz Code findings
Support development, application, and infrastructure teams in resolving misconfigurations, identity risks, toxic combinations, and excessive permissions
Provide hands-on assistance in fixing cloud configuration issues across AWS, Azure, and GCP environments
Assist teams in understanding root causes and implementing sustainable long-term fixes
Review cloud architectures and provide recommendations aligned with secure baseline configurations
Ensure cloud resources adhere to organizational security policies, NIST 800-53 controls, and RMF guidelines
Implement secure configuration changes related to identity, networking, storage, encryption, compute, and logging
Work with DevOps and application teams to integrate security practices into CI/CD pipelines
Collaborate with security engineers to automate recurring remediation activities
Work with API integrations and automation workflows involving ServiceNow, Splunk, MS Teams, Okta, Qualys, Tenable, and other connected systems
Assist in tuning automated guardrails, policies, and workflows to prevent repeated vulnerabilities
Partner closely with Cloud Security Engineers, ISSOs, DevOps teams, and application owners
Create clear remediation guides, playbooks, and knowledgebase documentation
Provide clear, actionable advice to both technical and non-technical stakeholders
Participate in meetings and working sessions to drive remediation progress

Qualification

Cloud EngineeringAWSAzureGCPNIST 800-53RMFIdentity ManagementVulnerability RemediationCI/CD PipelinesScripting LanguagesCSPM ToolsDevSecOpsAutomationCommunication Skills

Required

U.S. Citizen with active Secret (or higher) security clearance
2-3 years of experience in cloud engineering, or DevSecOps
Strong hands-on experience with AWS, Azure, and/or GCP
Experience troubleshooting cloud security issues at the resource level
Familiarity with NIST 800-53, RMF, and federal cloud security practices
Strong understanding of identity management, networking, storage, and logging in cloud environments
Ability to read and interpret vulnerability/security findings and convert them into actionable remediation
Excellent written and oral communication skills

Preferred

Hands-on exposure to Wiz or similar CSPM tools (Prisma Cloud, Security Hub, Defender for Cloud)
CSP (AWS, Google, Azure) certifications
Experience with IaC tools such as Terraform, CloudFormation, or ARM/Bicep
Proficiency in scripting languages such as Python, PowerShell, or Bash
Experience with CI/CD pipelines and DevOps workflows
Security or cloud certifications (e.g., AWS Solutions Architect, Azure Administrator, CCSP)

Company

Stories of Tomorrow

twitter
company-logo
Stories of Tomorrow er et nystartet forlag som har som mål å fortelle morgendagens historier.
dateFounded in 2023
people-size2-10 employees
web-link
https://teamtomorrow.no/

Funding

Current Stage
Early Stage
Company data provided by crunchbase