Cloud Security Specialist (AWS) - Washington, DC
Creative Information Technology, Falls Church, VA, United States
Cloud Security Specialist (AWS) - Washington, DC
About us
Creative Information Technology Inc (CITI) is an esteemed IT enterprise renowned for its exceptional customer service and innovation. We serve both government and commercial sectors, offering a range of solutions such as Healthcare IT, Human Services, Identity Credentialing, Cloud Computing, and Big Data Analytics. With clients in the US and abroad, we hold key contract vehicles including GSA IT Schedule 70, NIH CIO-SP3, GSA Alliant, and DHS-Eagle II.
Join us in driving growth and seizing new business opportunities.
Role and Responsibilities
We are seeking a Senior Cloud Security Specialist to support the Security Engineering team. This team is responsible for the strategy, design, deployment, and maintenance of effective security solutions in cloud, local, and hybrid environments
Conduct regular security reviews of cloud infrastructure deployed by engineering teams
Evaluate infrastructure-as-code against security standards
Review and validate compliance with security policies and best practices
Assess adherence to AWS Well-Architected Framework security pillar
Identify and document security misconfigurations and non-compliant controls
Develop and maintain security posture dashboards
Create or update security configuration guides and playbooks
Offer technical consultation to engineering teams on secure implementation
Implement AWS security controls and services to ensure proper security hardening and other security engineering tasks.
Develop and update AWS security configuration standards
Conduct security training sessions for engineering teams
Present findings and recommendations in team meetings
Identify opportunities to automate security assessments
Recommend security tooling improvements
AWS Certified Security - Specialty (strongly preferred)
AWS Certified Solutions Architect - Professional or Associate
Demonstrated experience implementing secure, scalable AWS cloud architectures following industry best security practices and security frameworks.
Demonstrated federal experience and comprehensive knowledge in adopting and implementing federal cybersecurity requirements, including but not limited to the NIST Cybersecurity Framework, OMB Memorandum M-22-09, NIST SP 800-53
Possess deep analytical, problem-solving, and troubleshooting experience, to independently resolve complex security challenges.
Proven ability to provide technical security consultation and advisory services with a proactive approach to identifying potential issues, raising questions, and engaging in open dialogue with team members and stakeholders to ensure security objectives are met.
Strong understanding of security concepts and technologies related to Identity and Access Management (IAM), security engineering, network security design, security operations, security architecture, general engineering processes, cloud security, data loss protection, zero trust, DevSecOps and vulnerability management.
Technical skills in AWS cloud security, security engineering, DevSecOps, scripting, and Infrastructure-as-code (IaC)
Self-motivated and able to work independently
Strong attention to detail
Minimum Qualification
Minimum 5 years hands-on AWS security experience
About us
Creative Information Technology Inc (CITI) is an esteemed IT enterprise renowned for its exceptional customer service and innovation. We serve both government and commercial sectors, offering a range of solutions such as Healthcare IT, Human Services, Identity Credentialing, Cloud Computing, and Big Data Analytics. With clients in the US and abroad, we hold key contract vehicles including GSA IT Schedule 70, NIH CIO-SP3, GSA Alliant, and DHS-Eagle II.
Join us in driving growth and seizing new business opportunities.
Role and Responsibilities
We are seeking a Senior Cloud Security Specialist to support the Security Engineering team. This team is responsible for the strategy, design, deployment, and maintenance of effective security solutions in cloud, local, and hybrid environments
Conduct regular security reviews of cloud infrastructure deployed by engineering teams
Evaluate infrastructure-as-code against security standards
Review and validate compliance with security policies and best practices
Assess adherence to AWS Well-Architected Framework security pillar
Identify and document security misconfigurations and non-compliant controls
Develop and maintain security posture dashboards
Create or update security configuration guides and playbooks
Offer technical consultation to engineering teams on secure implementation
Implement AWS security controls and services to ensure proper security hardening and other security engineering tasks.
Develop and update AWS security configuration standards
Conduct security training sessions for engineering teams
Present findings and recommendations in team meetings
Identify opportunities to automate security assessments
Recommend security tooling improvements
AWS Certified Security - Specialty (strongly preferred)
AWS Certified Solutions Architect - Professional or Associate
Demonstrated experience implementing secure, scalable AWS cloud architectures following industry best security practices and security frameworks.
Demonstrated federal experience and comprehensive knowledge in adopting and implementing federal cybersecurity requirements, including but not limited to the NIST Cybersecurity Framework, OMB Memorandum M-22-09, NIST SP 800-53
Possess deep analytical, problem-solving, and troubleshooting experience, to independently resolve complex security challenges.
Proven ability to provide technical security consultation and advisory services with a proactive approach to identifying potential issues, raising questions, and engaging in open dialogue with team members and stakeholders to ensure security objectives are met.
Strong understanding of security concepts and technologies related to Identity and Access Management (IAM), security engineering, network security design, security operations, security architecture, general engineering processes, cloud security, data loss protection, zero trust, DevSecOps and vulnerability management.
Technical skills in AWS cloud security, security engineering, DevSecOps, scripting, and Infrastructure-as-code (IaC)
Self-motivated and able to work independently
Strong attention to detail
Minimum Qualification
Minimum 5 years hands-on AWS security experience