Cloud Security Engineer

VariQ - Washington, DC3.6

Full-timeEstimated: $120,000 - $160,000 a year
Save
Skills
Overview
VariQ has an opening for a Cloud Security Engineer supporting the DHS USCIS located in Washington, DC.

Additional Information:
Security Clearance: Secret
Salary: dependent upon experience
Available: upon award, currently in proposal stage
Responsibilities
Understand architectural development for cloud automated frameworks for Security Tool deployment and development, leveraging various scripting languages and open source solutions
Understand architectural design and implement security measures related to computer networks, software testing, validation procedures, programming, and documentation as it pertains to Cloud Security, Application Security, Vulnerability Management, and Network Security
Understand cloud security plans that implement systems and procedures to effectively secure company information, infrastructure, intellectual property, and users against accidental or unauthorized modification, destruction or disclosure
Apply agile practices to analyze internal security and provide relevant information to internal and external customers, suppliers, and partners
Work with assigned system stakeholders to understand their cloud infrastructure to adequately support the USCIS mission
Understand and interpret cloud services that are offered on a platform, to include 3rd party services
Ability to determine cost associated with cloud services and address anomalies accordingly
Assist with the implementation of monitoring capabilities for various audiences – developers, business owners, security, and infrastructure; analyze all platform level, network changes and monitor impact and provide appropriate technical solutions to resolve issues efficiently; evaluate and document operating baseline according to required standards
Provide oversight of application packaging to ensure automation is being utilized for both the application and infrastructure builds throughout the development, test, and production environments. This includes the automation of server builds for VMs and maintenance of these builds utilizing chef scripting as deemed appropriate
Utilize in-depth knowledge of infrastructure components (VM’s, Security Products, Network ports and protocols, Databases, Middleware and open source code) to support DevOps in an enterprise environment to build, maintain and sustain an enterprise information technology DevOps operational model
Provide technical support for enterprise infrastructure components (network, database, middleware, security and open source code) technology transitions and migrations to cloud services e.g. Platform as a Service (PaaS), Infrastructure as a Service (IaaS), etc
Evaluate and implement automation of server and application builds and monitoring for multiple environments (Development, Test, Training, Production, and Disaster Recovery
Ability to perform computer incident response and remediation practices as outlined in NIST 800-61 (Computer Security Incident Handling Guide) and DHS 4300A Sensitive Systems Policy Handbook, Attachment F Incident Response. The contractor’s staff will assist the USCIS Security Operation Center (SOC) on incident response actions for security incidents affecting the USCIS Cloud environment on an as needed basis
Perform other duties as assigned by the Government
Qualifications
Ability to attain a DHS EOD public trust security clearance required.
Have and maintain at least one active certification such as CISSP, CCISSP, CEH, CISM, CISA, Cloud+, AWS, CCSP, or other comparable certification which must be approved in advance by the Government PM (on a case-by-case basis)
Minimum of five (5) years of experience managing IT projects and programs or specialized experience as an Information Systems Security Professional
Minimum of five (5) years of experience with analyzing, assessing and implementing corrective actions based on vulnerability management tools
Minimum of five (5) years of experience with leading projects, technical writing, administrative tasks, and conducting briefings
Minimum of five (5) years of experience in security engineering or security operations
Experience in security process mapping, security process analysis, security process improvement concepts, models, and best practices
Excellent customer service, analytical, problem solving, team-building, and interpersonal skills
Ability to work independently and function as an integral part of the team
Excellent oral and written communication skills; technical and business focused, with the ability to document and describe security process information collected
Listening skills, the ability to detect explicit and implicit needs and wants
Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under pressure of deadlines and resource constraints
Proven experience in building consensus and managing cross-functional teams
Demonstrated proficiency in vast array of Cyber Security platforms: Standard Application Online (SAO), Security Information and Event Management (SIEM), Intrusion Detection System (IDS)/Intrusion Protection System (IPS), Data Loss Prevention (DLP), Web Application Firewalls (WAF), Threat Intel, Endpoint Security
Experience with cloud Platform as a Service (PaaS), Software as a Service (SaaS) and other cloud services
Experience with Continuous Integration (CI)/Continuous Delivery (CD) - Deployment pipeline experience (Jenkins, Ansible, Terraform)
Experience or a strong knowledge of Data at Rest Application Programing Interface (API) design
Experience or a strong knowledge of programming languages (Python, Java etc.)
Experience or a strong knowledge of container/orchestration tools (Kubernetes, Docker, Puppet, etc)
Log aggregation platform experience
Have a deep understanding of API Security, Container Security, Cloud Security
Advanced Microsoft Excel and Access skills to perform extensive data mining, correlation, and reporting
Contractor shall be staffed in the Washington, DC metropolitan area, unless explicitly approved by the Government PM
Experience working with NIST SP 800-53, RMF, FISMA, DHS and DoD policies

VariQ is an equal opportunity employer.