Perform in a Security Engineer, Subject Matter Expert, role responsible for the design, configuration, testing, and deployment, of cloud provider services such as AWS, Azure, Oracle, IBM, Google Cloud, etc. and cloud-based services such as Office 365 in support of the IC
Apply knowledge of the latest trends in the Cloud Security Engineering industry to support the analytical service contract in the deployment of web services and solutions enabling the automation of data discovery and support higher orders of analysis to implement Cloud Security best practices
Designs, plans, and integrates cloud computing and virtualization systems using Infrastructure as Code (IaaC) and current cloud-native deployment techniques and tools
Provide Cloud Security Engineering input to programs throughout the lifecycle to ensure systems meet ICD-503 and Risk Management Framework (RMF) standards
Use system automation technologies and configuration management technologies such as Saltstack, Chef, Puppet, Ansible, Terraform, CloudFormation or others to create standardized IT environments
Work with Solution Architects to conduct Proof of Concepts (POCs), and assist in production implementations
Execute periodic, and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external web integrity scans to determine compliance
Exposure to big data solutions in cloud environments such as SageMaker
Participates in special projects as required to include technology evaluations and produce Analysis of Alternatives (AoA) and provide Cloud Security SME recommendations
Assist the agency in designing, implement, and document the security controls of the system to enable the agency to achieve initial authorization. Subsequently, you will support the iterations of new capabilities and cloud services via change management and continuous monitoring. Will also assist customer of the network in leveraging the security controls provided so they can rapidly deploy their applications.
Requirements:
Bachelor's degree in engineering or a related technical discipline
Excellent communication skills, verbal and written, with ability to influence and collaborate with leadership, peers, and team members
Extensive hands-on experience with cloud architecture/engineering, services, migration, and security to include AWS/Azure Commercial, Secret and TS/SCI regions
Experience with Cloud-based Computer Network Defense (CND); knowledge of networking in Cloud and On-Prem environments
Knowledge of Cross Domain Solution (CDS) engineering and high-level understanding of multi-security domain operations
Experience with cloud automation and scripting (Auto-scale, Azure Resource management, Scripting, PowerShell)
Experience assessment and authorization practices and processes under ICD 503 Risk Management Framework (RMF) and implementing NIST 800-53 security controls for U.S. Government networks and applications