Title: Cloud Engineer ~ SME

Location: Fort Meade, MD

Clearance: TS/SCI with a CI polygraph

Responsibilities:

• Perform in a Security Engineer, Subject Matter Expert, role responsible for the design, configuration, testing, and deployment, of cloud provider services such as AWS, Azure, Oracle, IBM, Google Cloud, etc. and cloud-based services such as Office 365 in support of the IC
• Apply knowledge of the latest trends in the Cloud Security Engineering industry to support the analytical service contract in the deployment of web services and solutions enabling the automation of data discovery and support higher orders of analysis to implement Cloud Security best practices
• Designs, plans, and integrates cloud computing and virtualization systems using Infrastructure as Code (IaaC) and current cloud-native deployment techniques and tools
• Provide Cloud Security Engineering input to programs throughout the lifecycle to ensure systems meet ICD-503 and Risk Management Framework (RMF) standards
• Use system automation technologies and configuration management technologies such as Saltstack, Chef, Puppet, Ansible, Terraform, CloudFormation or others to create standardized IT environments
• Work with Solution Architects to conduct Proof of Concepts (POCs), and assist in production implementations
• Execute periodic, and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external web integrity scans to determine compliance
• Exposure to big data solutions in cloud environments such as SageMaker
• Participates in special projects as required to include technology evaluations and produce Analysis of Alternatives (AoA) and provide Cloud Security SME recommendations
• Assist the agency in designing, implement, and document the security controls of the system to enable the agency to achieve initial authorization. Subsequently, you will support the iterations of new capabilities and cloud services via change management and continuous monitoring. Will also assist customer of the network in leveraging the security controls provided so they can rapidly deploy their applications.

Requirements:

• Bachelor's degree in engineering or a related technical discipline
• Excellent communication skills, verbal and written, with ability to influence and collaborate with leadership, peers, and team members
• Extensive hands-on experience with cloud architecture/engineering, services, migration, and security to include AWS/Azure Commercial, Secret and TS/SCI regions
• Experience with Cloud-based Computer Network Defense (CND); knowledge of networking in Cloud and On-Prem environments
• Knowledge of Cross Domain Solution (CDS) engineering and high-level understanding of multi-security domain operations
• Experience with cloud automation and scripting (Auto-scale, Azure Resource management, Scripting, PowerShell)
• Experience assessment and authorization practices and processes under ICD 503 Risk Management Framework (RMF) and implementing NIST 800-53 security controls for U.S. Government networks and applications
• Current TS/SCI with a CI polygraph clearance