Advise on the implementation of cloud-native security tools and safeguards to achieve a secure trusted environment.
Advocate and collaborate with engineers, developers, and non-technical members on cloud security related issues.
Collaborate with clients to gather requirements and propose effective security solutions.
Cloud Security Subject Matter Expert for AWS and Azure cloud engineering teams
Create, update and maintain DevSecOps processes for cloud and container-based deployments
Design and implement secure solutions and architectures for cloud, multiple cloud and hybrid cloud systems to support clients, delivery teams, and Managed Service Provider (MSP)/Managed Security Service Provider (MSSP) practices.
Develop automation, runbooks, and scripts to automatically resolve security or configuration issues in AWS or Azure.
Drive roadmap and implementation of security related items for cloud engineer, networking and system operations teams.
Help build cloud strategies and reference architectures to meet compliance and security requirements.
Lead technical security discussion with Cyber teams (Security Operation Center Analysts, Security Application Teams and ISSOs) about Cloud IaaS, PaaS and SaaS and Microservices architectures
Mentor and coach others in cloud and security architecture
Present on, drive adoptions, create proof of concepts and demo security concepts and solutions to technical and non-technical audiences
Proactively improve the security posture of cloud-based environments with CSP services, code and automaton
Promote and help enable other teams to adopt Security Orchestration, Automation and Reponses (SOAR).
Work with compliance, security and application teams to maintain security compliance for federal (DoD, FedRAMP, CMMC), corporate and industry compliance programs.
4 – 10 years of relevant experience with cloud, security and development
Detailed understanding of AWS and Azure core security and identity capabilities, features, and services
Knowledge of security monitoring and response capabilities for on-premises, Cloud, hybrid and microservice environments.
Experience implementing Infrastructure as Code (IaC) with CloudFormation, ARM or Terraform.
Experience of supporting projects that required at least one Federal compliance program (CMMC, CIS Benchmarks, DoD SRG, DoD STIGs, FedRAMP and NIST 800-53) and the ability to help the projects achieve and maintain accreditation
Proven ability to create solutions that align enterprise security architecture frameworks and defined security controls and standards.
Security Certifications – A least one security certification (CISSP, CEH, GIAC, Security+, AWS Certified Security - Specialty, Microsoft Certified Azure Security Engineer) and a CSP (AWS or Azure) Assoicate level certification.
Strong knowledge of security topologies, network security best practices and the application of suitable security safeguards.
Strong experience with a variety of cybersecurity systems, architectural concepts, delivery environments and best-of-breed security solutions.
Understanding of Agile and DevOps methods
Understanding of AWS and Azure core Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Function as a Service (FaaS) capabilities, features, and services and/or detailed understanding of cloud-native reference architectures.
Understanding of Continuous Integration and Continuous Delivery (CI/CD) pipelines to incorporate security, hardening and best practices for delivery of secure software
AWS professional (AWS Certified Solutions Architect – Professional, AWS Certified DevOps Engineer – Professional) or Azure expert level role-based certifications.
Bachelor level technical degree or equivalent experience; Computer Science or Engineering background preferred
Experience in supporting container-based applications, implementing security for microservices in the CI/CD progress, runtime and registry for AWS (Docker, AWS ECS, AWS ECR, AWS Fargate, AWS EKS), Azure AKS, Docker, and Kubernetes.
Experience implementing Zero Trust architecture and design patterns
Familiarity with Linux / Windows operating systems and methods to securely operate workloads
Knowledge of CMMC, DoD SRG, DoD STIGs, FedRAMP and NIST compliance controls
Knowledge with Configuration as Code tools/services (Puppet, Ansible or AWS SSM) for orchestration of OS (Operating System) level configuration and compliance
Knowledge of Git for source code version control and Atlassian (Jira, Bitbucket, and Confluence), GitHub or GitLab and ServiceNow APIs for automation.
Due to the nature of the government contracts we support, US Citizenship is required.