Location
Reston, VA | United States
Job description
GENERAL DUTIES:
- Perform in a SME security engineering role responsible for the design, configuration, testing, and deployment, of cloud provider services such as AWS, Azure, Oracle, etc. and cloud-based services such as Office 365 in support of the IC
- Apply knowledge of the latest trends in the cloud security engineering industry to support the analytical service contract in the deployment of web services and solutions enabling the automation of data discovery and support higher orders of analysis to implement Cloud Security best practices
- Design, plan, and integrate cloud computing and virtualization systems using Infrastructure as Code (IaaC) and current cloud-native deployment techniques and tools
- Provide input to programs throughout the lifecycle to ensure systems meet ICD-503 and Risk Management Framework standards
- Use system automation technologies and configuration management technologies such as Saltstack, Chef, Puppet, Ansible, Terraform, CloudFormation or others to create standardized IT environments
- Work with Solution Architects to conduct Proof of Concepts (POCs), and assist in production implementations
- Execute periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external web integrity scans to determine compliance
- Exposure to big data solutions in cloud environments such as SageMaker
- Participate in special projects as required to include technology evaluations and produce Analysis of Alternatives (AoA) and provide Cloud Security SME recommendations
- Assist the customer to design, implement, and document the security controls of the system to enable the agency to achieve initial authorization
- Support the iterations of new capabilities and cloud services via change management and continuous monitoring
- Assist customers in leveraging the security controls provided so they can rapidly deploy their applications
REQUIRED QUALIFICATIONS:
- Bachelor's degree in Engineering or a related technical discipline preferred with at least 10 years of experience; an additional 5 years of experience may be substituted for a degree
- Excellent communication skills, verbal and written, with ability to influence and collaborate with leadership, peers, and team members
- Extensive hands-on experience with cloud architecture/engineering, services, migration, and security to include AWS/Azure Commercial, Secret and TS/SCI regions
- Experience with Office 365
- Experience with Cloud-based Computer Network Defense (CND)
- Experience with Networking in Cloud and On-Prem environments
- Knowledge of Cross Domain Solution (CDS) engineering and high-level understanding of multi-security domain operations
- Experience with cloud automation and scripting (Auto-scale, Azure Resource management, Scripting, PowerShell)
- Experience with A&A practices and processes under ICD 503 Risk Management Framework (RMF) and implementing NIST 800-53 security controls for U.S. Government networks and applications
- Must possess current DoD 8570 IASAE Level II certification
DESIRED QUALIFICATIONS:
- AWS/Azure certification(s) preferred
CLEARANCE:
Job tags
Salary