AWS Lambda, Amazon CloudFront, Amazon Simple Storage Service (S3), Amazon Web Services (AWS), Application Programming Interface (API), Applications Security, Architectural Services, Authentication, Automation, Cloud Architecture, Cloud Computing, Communication Skills, Continuous Deployment/Delivery, Continuous Integration, Cryptography, Data Lake, Depth Perception, Digital Certificates, Docker, Enterprise Protection, Firewalls, Government, Government Contracts, HTTPS (HyperText Transport Protocol Secure), Information Technology & Information Systems, Information/Data Security (InfoSec), Infrastructure as a Service (IaaS), Internet Security, Lift/Move 25 Pounds, Linux Operating System, Nessus, Platform as a Service (PaaS), Regulatory Compliance, Regulatory Requirements, Research & Development (R&D), Risk, Risk Analysis, Risk Management, SSL-TLS (Secure Socket Layer - Transport Layer Security), Security Analysis, Security Monitoring, Software Engineering, Software as a Service (SaaS), Splunk, Strategic Planning, Team Lead/Manager, Technical Support, Test Plan/Schedule
Enterprise Solutions and Management (ESM) is a rapidly growing government contractor that provides strategic IT services that meet mission needs for Defense and Federal customers. We are hiring a Cloud Security Engineer to support an enterprise-level program within a federal environment.
Job Description and Responsibilities
The successful candidate will design, implement, and secure cloud-native AWS environments using technologies and services including VPC, IAM, Security Groups, Docker, Lambda, API Gateway, CloudFormation, CloudFront, CloudFlare, encryption technologies, and data protection controls. Use AWS Infrastructure-as-Code (IaC), IaaS, PaaS, and SaaS solutions to support CI/CD pipelines in Linux environments, while applying expertise in application security, authentication, domain segmentation, risk mitigation, compliance, and regulatory requirements. Be able to utilize security monitoring and assessment tools such as Splunk, Nessus, Tenable Security Center, and enterprise firewall platforms including Palo Alto, Imperva, and Fortinet.
Required Knowledge, Skills and Abilities (KSA)
- Experience with cloud-native architectures and AWS services, including VPCs, Security Groups, IAM, Docker, KMS, S3 and RDS encryption, HTTPS/SSL certificates, API Gateway, Lambda, CloudFormation, CloudFront, Cloudflare, egress proxies, data lake security, application security, domain segmentation, authentication, data protection, and process automation.
- Experience implementing AWS Infrastructure-as-Code (IaC) and working across Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) environments.
- Experience researching, designing, developing, testing, and deploying AWS IaaS and PaaS solutions to support continuous integration and continuous delivery (CI/CD) in Linux environments.
- Proven ability to develop and execute complex AWS security strategies and implementation plans.
- Experience supporting compliance and regulatory requirements within AWS environments.
- Experience operating in risk-based environments, including risk assessment, mitigation planning, and security implementation in AWS.
- Hands-on experience with security and monitoring tools including Splunk, Nessus, Tenable Security Center, and firewall platforms such as Palo Alto, Imperva, and Fortinet.
Desired KSA
- Be a positive, self-motivated, and proactive person with the ability to adapt to change and tolerate stressful situations
- Candidate must communicate effectively with team members, team lead, management, and government customer
- Must have the ability and desire to research and develop creative solutions to unique problems with minimal supervision
Minimum Training, Education, and Certifications
- Bachelor's degree in Cybersecurity, Information Assurance, Information Systems, Information Technology, or related field
- Five (5) years of experience supporting cybersecurity compliance, ISSO functions, information assurance, governance/risk/compliance (GRC), or related security activities.
Minimum Clearance
Physical Requirements
- Required to stand, walk and sit; communicate verbally both in person and by telephone; use hands to finger, handle or feel objects or controls; reach with hands and arms. Regularly required to stoop, kneel, bend, crouch and lift up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, color vision and the ability to adjust focus.
- Physical demands associated with this position include extensive walking (including stairs) throughout offices and between buildings. May require use of public transportation, personal or Government vehicle to drive to local and/or remote office locations.
Additional Requirements
ESM provides equal employment opportunity to all individuals regardless of race, color, creed, religion, gender, age, sexual orientation, national origin or ancestry, disability, genetic information, veteran status, gender identification or any other characteristic protected by state, federal or local law.