What are the responsibilities and job description for the Senior Cloud Security Engineer position at KeenLogic?
KeenLogic is seeking to hire a Senior Cloud Security Engineer (Azure/AWS Technical Advisor) to join our team at the Drug Enforcement Administration. As a Cloud Security Engineer, you will play a crucial role in designing, implementing, and maintaining security measures to protect an organization's cloud-based infrastructure and data. This role requires a deep understanding of cloud technologies, security best practices, and a proactive approach to identifying and mitigating security risks.
Cloud Security Engineers use technical guidance and engineering best practices to securely build and scale cloud-native applications and configure network security defenses within the cloud environment. These individuals are proficient in identity and access management (IAM), using cloud technology to provide data protection, container security, networking, system administration, and zero-trust architecture.
Cloud Engineers must have a comprehensive knowledge of FISMA, NIST, NSA, and other information security, cybersecurity, UAM, and CDM-related industry policies, standards, procedures, guidelines, best practices, developing, engineering, implementing, testing, evaluating, configuring, monitoring, and maintaining cybersecurity, UAM, CDM, insider threat detection/analysis incident detection/analysis, and vulnerability compliance and assessment software and hardware.
Personnel assigned to this role will serve primarily on the ISSO as a Service (ISSaaS) team. The designated contract team member for the ISSO as a Service (ISSaaS) team is considered Key Personnel.
This is a full-time position offering Fortune 500-level benefits, PTO, 401k, and Life Insurance, and monthly reimbursement for travel. This position is based in Arlington, VA and follows a 3x2 schedule, 3 days a week onsite and 2 days of remote work.
Required Qualifications:
dJKv9THvHt
Cloud Security Engineers use technical guidance and engineering best practices to securely build and scale cloud-native applications and configure network security defenses within the cloud environment. These individuals are proficient in identity and access management (IAM), using cloud technology to provide data protection, container security, networking, system administration, and zero-trust architecture.
Cloud Engineers must have a comprehensive knowledge of FISMA, NIST, NSA, and other information security, cybersecurity, UAM, and CDM-related industry policies, standards, procedures, guidelines, best practices, developing, engineering, implementing, testing, evaluating, configuring, monitoring, and maintaining cybersecurity, UAM, CDM, insider threat detection/analysis incident detection/analysis, and vulnerability compliance and assessment software and hardware.
Personnel assigned to this role will serve primarily on the ISSO as a Service (ISSaaS) team. The designated contract team member for the ISSO as a Service (ISSaaS) team is considered Key Personnel.
This is a full-time position offering Fortune 500-level benefits, PTO, 401k, and Life Insurance, and monthly reimbursement for travel. This position is based in Arlington, VA and follows a 3x2 schedule, 3 days a week onsite and 2 days of remote work.
Required Qualifications:
- Active Secret clearance
- Must be eligible for Top-Secret clearance
- Master’s degree in Computer Science, Information Systems, or Information Technology Engineering, Information Technology Management, Business Management, or task order specific discipline or related field, equivalent work experience or equivalent educational and/or qualifications, and ten years of documented relevant work experience
- Certifications: DoD IAT, IASAE, or CSSP Level II or III or equivalent
- 10 years of experience in any combination of cloud cybersecurity, cloud security engineering, and/or cybersecurity experience
- Experience in network, system, software, and/or cloud architecture; design, implementation, support, and evaluation of security-focused tools and services
- Design and implement secure cloud architecture for various cloud platforms (AWS, Azure, & GCP)
- Collaborate closely with architects and developers to ensure security is integrated into the entire cloud environment
- Implement and manage security monitoring tools for cloud environments
- Respond to and investigate security incidents, providing timely resolution
- Ensure cloud environments comply with industry standards and regulations
- Implement and monitor governance frameworks for cloud security
- Develop and maintain scripts or automation tools for security tasks
- Implement DevSecOps practices to integrate security into the CI/CD pipeline
- Conduct regular vulnerability assessments and coordinate remediation efforts Keep abreast of emerging threats and vulnerabilities in cloud environments
- Maintains all documentation
- Supports and develops automation
- Develop in languages such as Bash, PowerShell, Python
- Maintains/enhances knowledge of related (AWS / Azure / GCP / OCI) cloud services
- Monitors and tunes the cloud systems to achieve optimum performance levels
- Propose and implement cloud infrastructure transformation and automation based on customer requirements
- Assist in building, troubleshooting, and optimizing container-based cloud infrastructure
- Assist in selecting, implementing, and tuning configuration management (CM) technology platforms
- Assist in ensuring operational readiness for launching secure and scalable workloads into public and hybrid cloud environments
- Work to validate existing infrastructure security, performance, and availability and make recommendations for improvements and optimization
- Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements
- Any combination of security engineering experience in the following areas: AWS GOV Cloud, SPLUNK, tools (CORE, SOAR, ES, UBA), SIEM , Azure Cloud, Kubernetes, Docker, Rancher, Linux, or windows command line experience. (AWS, Ali Cloud, Azure), Familiarity with CloudFormation, EC2, EMR, S3, Redshift, RDS, SQS and AutoScaling Groups, and container orchestration is a plus
- AWS Certified Cloud Practitioner, AWS Certified Solutions Architect – Professional, AWS DevSecOps Engineer, AWS Solutions Architect Associate, AWS Security Specialty
- Azure Fundamentals, Azure Data Fundamentals, Azure Ai Fundamentals, Azure Security Engineering Associate, Azure Solutions Architect Expert
- AWS Inspector
- AWS GuardDuty & Security Hub
- Integrate AWS events with Azure Sentinel
- 3rd party firewall appliances – Palo alto
- CyberArk – Installation & Configuration
- Google Associate Cloud Engineer
- Cloud Security Alliance: Certificate of Cloud Security Knowledge (CCSK)
- SANS Institute Certification SEC541: Cloud Security Attacker Techniques, monitoring, and threat detection
- SANS Institute Certifications: SEC 488: Cloud Security Essentials, SEC 540: Cloud Security and DevSecOps Automation, SEC 388: Introduction to Cloud Computing and Security
- Experience briefing and building visualization for executive leadership, PowerBI & API use, risk assessment through data aggregation
- Any combination of certificates such as:
- AWS Certified Cloud Practitioner, AWS Certified Solutions Architect – Professional, AWS DevSecOps Engineer, AWS Solutions Architect Associate, AWS Security Specialty
- Azure Fundamentals, Azure Data Fundamentals, Azure Ai Fundamentals, Azure Security Engineering Associate, Azure Solutions Architect Expert
- Google Associate Cloud Engineer
- Cloud Security Alliance: Certificate of Cloud Security Knowledge (CCSK)
- SANS Institute Certification SEC541: Cloud Security Attacker Techniques, monitoring, and threat detection
- SANS Institute Certifications: SEC 488: Cloud Security Essentials, SEC 540: Cloud Security and DevSecOps Automation, SEC 388: Introduction to Cloud Computing and Security
- May be considered equivalent to two (2) year of general experience. Certificates under the DoD IAM, IAT, IASAE, or CSSP Levels II or III may be considered equivalent to two (2) years of relevant experience
- Any combination of certificates such as Microsoft’s MCSE, or Cisco’s, CCNA, CCDA, or CCNP, may be considered equivalent to two (2) year of general experience / information technology experience
- Certificates under the DoD IAM, IAT, IASAE, or CSSP Levels I, II, or III may be considered
dJKv9THvHt
Senior Cloud Security Engineer
Cherokee Federal -
Washington, DC
Senior Cloud Security Engineer
T-Rex Solutions LLC -
Bethesda, MD
Senior Cloud Security Manager
Bridge Security Advisors -
Warrenton, VA
