The Cloud Security Engineer shall provide support to plan, coordinate, implement and oversee the organization's cloud
network and infrastructure. The Cloud Security Engineer will help assess and analyze the security risks and needs of the
cloud network. Provides support for facilitating and helping agencies identify their current security infrastructure, define
future programs, and design and implement security solutions related to IT systems to minimize risks.
The Information Security Specialist also oversees the efforts of security staff to design, develop, engineer and implement
solutions to security requirements. They would be responsible for the implementation and development of the DHS IT
systems security. Gathers and organizes technical information about an organization's mission goals and needs, existing
security products, and ongoing programs.
Expert knowledge of the following areas is required:
* AWS
o Review, analyze and/or report on tasks relating to the following AWS services: Management Console,
GuardDuty, EC2, VPC, CloudTrail, Secrets Manager, Systems Manager, etc.
o Monitor AWS resources, implement security protocols, and address performance bottlenecks.
o Collaborate with development teams to integrate applications with cloud services
o Work with cloud team to architect, design, implement and maintain cloud solutions and new capabilities in AWS.
* Vulnerability Management
o Ability to perform Tenable Nessus SC scans, parse/analyze/report results for vulnerability remediation.
o Familiar with the Continuous Diagnostics and Mitigation (CDM) Dashboard.
* Hardware/software security implementation, Different communication protocols, Encryption techniques/tools.
o Familiarity with commercial products, and current Internet/mobile technology.
* Change Request (CR) Security Reviews
o Assessing CRs from a technical security perspective in conjunction with review boards to ensure changes do
not introduce new security concerns.
o Providing weekly/monthly updates to the tracking repository to maintain historical information, running
totals and reporting results to the client.
* Risk Management
o Must demonstrate an understanding of business security practices and procedures and familiarity Identify
and analyze potential threat activity
o Harden the configuration of devices and networks utilizing DOD Best Practices
o Identify and report unresolved security exposures with mainstream risks associated with commercial
products and current Internet/EC technology.
* Documentation
o Developing and maintaining documentation for security systems and procedures
o Experience in developing System Security Plan, Contingency Plan, Incident Response Plan and Continuous Monitoring Plan
* Certification and Accreditation (C&A) - Security Authorization
o Ability to support C&A, continuous diagnostics and mitigation and related initiatives.
o Experience creating and resolving POA&Ms
o Familiar with Cyber Security Assessment & Management (CSAM)
Key Tasks and Responsibilities
* Implement security measures and ensure compliance with industry standards.
* Monitor and optimize cloud performance, including incident recovery processes.
* Utilize tools such as Splunk for Security Information and Event Management (SIEM) monitoring, analysis, logging and
reporting
* Review, analyze and report AWS GuardDuty alerts
* Ensures secure development processes are implemented and maintained.
* Collaborate with development teams to integrate applications with cloud services.
* Identifies and defines computer system security requirements in coordination with DevOps teams.
* Defines and implements computer security architecture and detailed cybersecurity strategies.
* Develops technical solutions and utilizes security tools to help mitigate security vulnerabilities and automate
repeatable tasks.
* Conducts and supports investigations related to security incidents involving technology (i.e. email, endpoint,
applications, and data breaches).
* Consults on IT security and compliance initiatives to ensure Dev Sec Ops practices are well-defined and predictably
executed.
* Support risk mitigation activities such as Assessment and Authorization (A&A), continuous monitoring, and
vulnerability and configuration management.
* Integrate with and support a team of subject matter experts, in a highly agile environment, to implement best in
class cloud solutions by leveraging a variety of automation, instance and/or container, orchestration, security, and
native/non-native cloud services
* Work with cloud team to architect, design, implement and maintain cloud solutions and new capabilities in AWS.
* Developing deliverables associated with FISMA security package including but not limited to: System Security Plan,
Contingency Plan, Incident Response Plan and Continuous Monitoring Plan
* Work to complete ATO packages compliant with NIST SP 800-37 and SP 800-53 guidelines
* Adhere to NIST Risk Management Framework to support analyzing development of supporting policies, procedures
and plans and for the implementation of security controls and analyzing corrective action plans
* Work with the System Owners, ISSOs and other stakeholders to complete assessment reports
* Analyze IT security events to distinguish events that qualify as security incidents as opposed to non-incidents
* Maintain working knowledge of network communications, routing protocols and common internet
applications/standards
* Bachelor's Degree or higher and 10 years of related experience
The ideal candidate should be able to demonstrate working knowledge with several of the following concepts or
technologies:
* Experience with native CI/CD tools such as CodeCommit, CodeDeploy, CodePipeline, etc.
* Scripting skills (Python, Ruby, Perl, Bash, Powershell, etc.)
* Strong knowledge and experience with virtual desktop interfaces.
* Proficiency with Cloud networking and troubleshooting Cloud networking environments (IP networking, VPNs, DNS, load balancing, firewalls, NAT, SSL/TLS, etc.)
* SIEM tools (e.g. ArcSight, Splunk, etc.)
* Amazon Web Services (AWS) including Management Console, GuardDuty, EC2, IAM, VPC, S3, RDS, ECR, CloudTrail, Secrets Manager, Key Management Services, etc.
* Vulnerability Management/Analysis/Reporting using Tenable Nessus SC
* Enterprise security strategy, AWS cloud security and cloud computing terminology, Risk Assessments
* Firewall Devices/Platforms (e.g., Palo Alto, Cisco ASP)
* Firewall Rule Reviews and Rule Analysis
* Cyber Security Assessment & Management (CSAM)
* Information Assurance Compliance System (IACS)
* OpenShift
Certification Requirements
* Relevant commercial certifications desired (Security+, CISSP)
Clearance Requirements
* Candidate must be a US Citizen, possess DHS Suitability background investigation or be eligible to qualify for DHS
Entry of Duty background investigation followed by DHS Public Trust Clearance
Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)
* None
Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.
Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Aaron McClellan in Human Resources at
314.952.5138 or amcclellan@cwsc.com.