The Security Cloud Engineer will bring together aspects of systems engineering, cloud technologies, virtual systems, operational security, software engineering, and networking to aid in developing secure systems. The engineer will also assist Security Architect’s to provide feedback and guidance for architects as systems and processes are designed. In addition, this role will leverage existing security tools to ensure the proper protection of sensitive data and compliance to internal and external regulations and requirements.
1. Engineering cloud security guard rails in AWS, Azure, or Alibaba
2. Cloud security-scanning tools – Cloud Aware, CloudCheckr, Evident.io, Cloud Conformity, RedGate, DivvyCloud, etc.
3. Cloud WAF - Akamai Kona, AWS WAF, Arbor, Prolexic, or similar tools
4. Cloud SIEM – Cloudtrail, Cloudwatch, and other packaged SIEMs such as IBM Qradar, LogRythm, Splunk, ELK, ArcSight, AlienVault
5. Key Management - Privileged account management solutions in the cloud for key management, service account and secrets management, rotation and event response, including tools such as Secret Server (Thycotic), Vault (HashiCorp), Cloud KMS, or similar tool set.
6. Experience in a development and operations role, implementing security through code development and infrastructure code reviews, establishing security ecosystems utilizing APIs and event driven security response.
7. Previous participation in bug-hunting, pen tests, vulnerability assessments
8. Cloud access security broker (CASB) or similar experience securing SaaS offerings such as O365, GoogleApps, and other cloud vendors.
9. Support all aspects of Information Security Operations initiatives
10. Respond to, manage and contain security incidents
11. Perform forensics on compromised systems.
12. Provide SME support to Global Information Security management and DCI business
13. Assist GIS management with project plans and deployment of security technologies
14. Contribute to the identification and definition of system security requirements and advise on the design of security monitoring infrastructure.
15. Configure and troubleshoot security infrastructure devices and ensure the proper operation of security processing routines.
16. Apply INFOSEC best practice and principles to network protocols, architectures, equipment, services, standards and technology.
17. Assist in the prompt investigation of security incidents and be prepared to isolate and remediate incidents pursuant to established procedures.
18. Assist with the engagement and coordination of third-party security assessments.
19. Communicates and escalate security alerts, intrusions, and compromises, to various IT groups in multiple locations
20. Assists with the design and implementation of cybersecurity counter-measures or mitigating controls as necessary
21. Maintain job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; and participating in professional organizations.
- One or more of the following certifications required:
o GSEC, GCIH, SSCP, CCSP, CISSP-ISSEP, CEH, GCIA, GISF, Security Plus, Network Plus preferred but 7+ years of experience and demonstrated knowledge accepted
- Able to maintain proficiency in tools, techniques, and countermeasures in network vulnerabilities
- Able to identify, monitor, and investigate computer and network intrusions
- Strong time management and organizational skills required
- Strong customer service, communication, and presentation skills required
- BS degree in computer science or computer engineering preferred; will consider applicants with equivalent work-related experience with a minimum educational requirement of a high school diploma or GED equivalent
- 5+ years of progressive experience with increasing responsibilities within a Security Operations environment
- 3+ years of IT security engineering work experience including2+ years of cloud security environment))
- 2-3 years of security architecture experience (Preferred: 1-2 years of working on cloud security - AWS )
- Able to provide computer forensic support to investigations in the form of evidence seizure, computer forensic analysis, and data recovery
- Experience knowledge of TCP/IP, networking design, and routing architectures
- Experience knowledge of network security systems and protocols, including firewalls, Radius and TACACS+, IPSEC and IKE, SSH, etc.
- Ability to develop and implement security procedures and control
- Must have the legal right to work in the United States
Sterling, Virginia, VA