Cloud Security Engineer

If you are looking for a rewarding career with a highly successful company that puts people first, Halvik Corp is the place for you! We are committed to delivering smarter IT-driven solutions bolstered by quality and innovation to help the US Federal Government succeed. Join our growing team and make a difference!

The on-site Cloud Cybersecurity Engineer must specialize in cloud technologies in variedenvironments, including, but not limited to, Amazon, Microsoft, and Google platforms. In addition, the candidate will have experience OR knowledge of Red Hat OpenShift cloud application platform. As the Cloud Infrastructure Cybersecurity Engineer at USSOCOM, the candidate will be responsible for all cybersecurity risk management and compliance initiatives relating to the use of the cloud computing environment. Primary function is to work with agile development teams across organizations, understanding the standard cybersecurity configurations for cloud computing and ensuring that all cybersecurity requirements in our cloud environments meet DoD and USSOCOM cybersecurity requirements. The ideal candidate is someone with Development Operations (DevOps) experience, with a solid background in designing and developing automation to support Continuous Integration and Continuous Delivery (CI/CD) processes. Must also have excellent attention to detail, strong analytic, and communication skills, as well as a working knowledge and understanding of application security toolsets used in the CI/CD DevOps pipelines. In addition, the cloud security engineer will provide cloud infrastructure cybersecurity engineer expertise, collaborate with agile development teams, integrate DevSecOps pipeline solutions, defining a cloud security baseline per product to ensure proper cybersecurity and compliance.

Typical Duties Include:

 Provide cloud cybersecurity guidance and direction in the design, development and implementation of automated solutions, based on a set of standards and processes that enable CI/CD developers to easily apply cybersecurity and compliance services.

 Responsible for support of and coordinating with other Engineers, Architects, and teams in implementing a comprehensive cloud and application security program in a DevOps environment.

 Manage cloud infrastructure cybersecurity standards and procedures in accordance with audit and compliance teams.

 Member of the cloud Joint Validation Team; review and analyze cloud service provider artifact for completeness, consistency, compliance, and due diligence

 Interface with application and infrastructure engineers to ensure cybersecurity best practices are embedded in enterprise cloud environment.

 Develop cybersecurity strategic plans and roadmaps.

 Leverage DevOps tools to build, harden, maintain and instrument a comprehensive cloud-based cybersecurity orchestration platform to be used in product CI/CD pipelines.

 Validate cloud infrastructure projects align with cybersecurity and compliance best practices.

 Participate in cloud infrastructure design reviews.

 Lead cloud cybersecurity technology reviews.

 Perform risk and vulnerability assessments of cloud IT and IS for accreditation; prepare risk assessment reports for submission to SCA and AO in accordance with DoD, USCYBERCOM, USSOCOM policies, procedures, and regulations.

 Coordinate, manage and facilitate cloud cybersecurity compliance processes with internal and external stakeholders to provide timely deliverables and rapid remediation.

 Identify, assess, and advise on cloud related cybersecurity compliance risks and controls.

 Provide cloud cybersecurity expertise at technical exchange meetings, reviews and briefings to leadership, customers, and contractor personnel.  Identify, create and measure process and control improvement.

 Complete annual or periodic cybersecurity assessments of the cloud environment.

 Able to work on multiple projects and prioritize accordingly.

Knowledge, Skills, and Abilities:

 Familiar with cybersecurity architecture design principles.

 Broad hands-on knowledge of firewalls, intrusion detection systems (IDS), data encryption and other standard cybersecurity techniques and practices.

 Strong experience in cybersecurity and information security and how it relates to all aspects of software/systems design and infrastructure.

 Hands on experience implementing cybersecurity solutions with a focus in Infrastructure as a Service (IaaS)/ Platform as a Service (PaaS) in an enterprise environment. Experience with AWS, Microsoft Azure and Google Cloud Platforms is considered a plus.

 Strong experience in cloud and application security domains.

 Familiarization with Federal Information Processing Standards (FIPS)-199, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and DoD Cloud Security Requirements Guide

 Through IT cybersecurity experience preferably in the area of cloud implementation or maintenance.

 Experience OR deep knowledge of using containerization technology, including Open Container Initiative (OCI) compliant containers and OpenShift Container Platform (OCP)

 Strong experience designing, developing and deploying cybersecurity tools and technologies for cloud architectures.

 Experience with container cybersecurity solutions such as Twistlock and source code scanning solutions such as Fortify.

 Proficient in a Linux or UNIX based environment; experience in Red Hat Enterprise Linux (RHEL) is considered a plus.

 Extensive experience in implementing and enforcing application security and vulnerability management.

 Experience in DevOps and software engineering processes and procedures.

 Working knowledge of NIST Cybersecurity Framework and Cloud Security Alliance framework.

 Active TS/SCI clearance required

Halvik offers a competitive full benefits package including:

Company-supported medical, dental, vision, life, STD, and LTD insurance

Benefits include 11 federal holidays and PTO.

401(k) with company matching

Flexible Spending Accounts for commuter, medical, and dependent care expenses

Tuition Assistance

Charitable Contribution matching

To comply with the guidance provided by the Safer Federal Workforce Task Force (Task Force) for Federal Contractors and Subcontractors, Halvik is requiring COVID-19 vaccinations for all their employees except where an employee is legally entitled to an accommodation. 

Halvik Corp is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.