Previous Job
Previous
Cloud Security Engineer/SME
Ref No.: 18-04953
Location: Ashburn, Virginia
Start Date / End Date: 09/30/2018 to 03/30/2019
Cloud Security Engineer/SME:
The candidates shall have a minimum of seven (7) years of experience in cloud security in Cyber Security. If the candidate has a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field, five (5) years of experience in incident detection and response, and cloud engineering/security is required.

This is a hands-on role that requires a high degree of technical security expertise within the AWS ecosystem. You will be the person responsible for security related tasks, including the implementation and day-to-day administration of Information Security solutions, and optimizing configurations for effectiveness. Your primary responsibilities include performing assessments of security architecture, making practical recommendations to reduce risks, and then help realize the change, as well as the prevention and remediation of security vulnerabilities within AWS using existing or new solutions. Your daily task will have you interacting closely with personnel from other functions in Information Security, Cloud Ops, R&D, and Product Management.

Assist teams in complying with cloud security controls
Design/apply common security controls and control inheritance guidelines to support a component-based application of the security architecture.
Develop and mature the security controls matrix that consolidates all applicable security controls and associated control type, control owners, implementation and status
Support continuous monitoring of the system through attendance at change management meetings, identifying impacts to security, performing assessment and communicating impact to security posture with recommendations and ongoing security control assessments and updates to key documentation.
Measure compliance against standards
Performs requirements analysis, and develops software architectures to meet requirements
Provide training on technologies to other engineers and team members
Strong multi-tasking and organizational skills
Ability to prioritize simultaneous high visibility projects
Configure and maintain automation and scripting via PowerShell, Python, Perl, or Bash
Develop System Security Plans working with the engineering and operations teams to identify strategies for control implementation
Develop system-specific policy, process and procedures ranging from access control, vulnerability management and key management
Develop other security-related documents required for authorization such as categorization, contingency plans, incident response plans and privacy impact assessments
Develop procedures to automate security tasks during code builds and deployments
Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes.

Your skills:
Knowledge of network based, system level, and application layer attacks and mitigation methods
Experience configuring/sending pertinent security data from SIEM solutions and AWS audit, logs, and reports
Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO 27017
Experience in DevOps environments and maintaining security in CI/CD processes
Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
Experience with a broad range of security technologies including, SAST, DLP, IDS/IPS, IAM, Certificate Management, etc
Experience working with container technology including Docker and Kubernetes
Knowledge of AWS automation strategies and tools
Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
Ability to clearly and effectively communicate concerns, issues to other teams
Experience in developing, documenting, and maintaining security procedures
Proficient in AWS CLI, Bash, and Python
Must have knowledge of cloud automation and deployment frameworks with regards to their use in highly available environments (Lambda/CloudFormation/Azure Resource Manager/Azure Functions)