Cloud Security Engineer
Steampunk.com, Mc Lean, VA, United States
Overview
As a
Cloud Security Engineer,
you will work within our growing DevSecOps practice delivering features to support developing, testing, and monitoring secure cloud architectures for cloud migration, cloud optimization, and cloud deployment in an AI-enabled software development environment. We are looking for candidates with 3-5 years experience with cloud platform services, cybersecurity and DevOps practices such as infrastructure as code and confirmation management automation.
Contributions
Responsibilities include:
Identify and implement the most secure cloud-based solutions for the customer including components for zero-trust architectures, identity and access management policy, and data privacy
Understand the needs of stakeholders and optimize solutions that marry security with usability
Monitor cloud environments for suspicious activities with cloud native monitoring or SIEM solutions and investigate security incidents where appropriate
Examine infrastructure as code written by others and analyzing risk
Ensure that systems are safe and secure against cybersecurity threats through risk assessment, threat modeling, and compliance with industry standards (e.g. NIST, ISO 27011, HIPPA, FISMA, etc.)
Identify technical problems, perform root cause analysis, and develop updates and ‘fixes’
Automate security processes such as vulnerability management and patch management
Work with software developers and DevSecOps engineers to ensure that development follows established security processes and works as intended
Support enterprise cloud security through infrastructure as code including any activities around automated server or network configurations, large-scale software deployments, and monitoring and testing
Ensure effective design and implementation of data protection and encryption mechanisms for data at rest and in transit
Document as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations
Identify, analyze, and resolve infrastructure vulnerabilities and application deployment issues
Act as an individual contributor and mentor more junior team members
Engineer and implement solutions and provide recommendations for continuous improvement for the services provided
Present regular status updates and provide cross training to other team members
Qualifications
Required:
Ability to obtain a U.S. government Security Clearance
Bachelor's Degree and 5 years of experience
3+ years of experience architecting, designing, developing, and implementing cloud solutions
3+ years of experience with cloud platforms (i.e. AWS, Azure, or GCP)
3+ years of experience with Git SCM providers such as GitHub, GitLab, Bitbucket
3+ years of experience with systems development in an Agile environment
3+ years of experience implementing infrastructure as code and orchestration
3+ years of experience providing conducting monitoring, risk assessment, threat modeling and security testing in cloud environments
3+ years of experience documenting POAMs, SSPs, and A&A support documentation
Preferred:
Certifications:
AWS Certified Security Specialty
AWS Certified Solution Solution Architect Associate
Microsoft Certified Azure Administrator Associate
Certified Information Systems Security Professional (CISSP)
Excellent written and verbal communication skills, interpersonal and collaborative skills
Experience with documenting an as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations preferred
Experience with scripting in Concourse, Bash, PowerShell, Python, Groovy, or Ruby
Experience with automation tools, including Pivotal, Chef, Terraform, CloudFormation, or Ansible
About
steampunk
Steampunk relies on several factors to determine salary, including but not limited to geographic location, contractual requirements, education, knowledge, skills, competencies, and experience. The projected compensation range for this position is $100,000 to $175,000.
The estimate displayed represents a typical annual salary range for this position. Annual salary is just one aspect of Steampunk’s total compensation package for employees. Learn more about additional Steampunk benefits here.
Identity Statement
As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.
Steampunk is a
Change Agent
in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors.
Through our
Human-Centered delivery methodology , we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges.
As an
employee owned company , we focus on investing in our employees to enable them to do the greatest work of their careers – and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com.
As a
Cloud Security Engineer,
you will work within our growing DevSecOps practice delivering features to support developing, testing, and monitoring secure cloud architectures for cloud migration, cloud optimization, and cloud deployment in an AI-enabled software development environment. We are looking for candidates with 3-5 years experience with cloud platform services, cybersecurity and DevOps practices such as infrastructure as code and confirmation management automation.
Contributions
Responsibilities include:
Identify and implement the most secure cloud-based solutions for the customer including components for zero-trust architectures, identity and access management policy, and data privacy
Understand the needs of stakeholders and optimize solutions that marry security with usability
Monitor cloud environments for suspicious activities with cloud native monitoring or SIEM solutions and investigate security incidents where appropriate
Examine infrastructure as code written by others and analyzing risk
Ensure that systems are safe and secure against cybersecurity threats through risk assessment, threat modeling, and compliance with industry standards (e.g. NIST, ISO 27011, HIPPA, FISMA, etc.)
Identify technical problems, perform root cause analysis, and develop updates and ‘fixes’
Automate security processes such as vulnerability management and patch management
Work with software developers and DevSecOps engineers to ensure that development follows established security processes and works as intended
Support enterprise cloud security through infrastructure as code including any activities around automated server or network configurations, large-scale software deployments, and monitoring and testing
Ensure effective design and implementation of data protection and encryption mechanisms for data at rest and in transit
Document as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations
Identify, analyze, and resolve infrastructure vulnerabilities and application deployment issues
Act as an individual contributor and mentor more junior team members
Engineer and implement solutions and provide recommendations for continuous improvement for the services provided
Present regular status updates and provide cross training to other team members
Qualifications
Required:
Ability to obtain a U.S. government Security Clearance
Bachelor's Degree and 5 years of experience
3+ years of experience architecting, designing, developing, and implementing cloud solutions
3+ years of experience with cloud platforms (i.e. AWS, Azure, or GCP)
3+ years of experience with Git SCM providers such as GitHub, GitLab, Bitbucket
3+ years of experience with systems development in an Agile environment
3+ years of experience implementing infrastructure as code and orchestration
3+ years of experience providing conducting monitoring, risk assessment, threat modeling and security testing in cloud environments
3+ years of experience documenting POAMs, SSPs, and A&A support documentation
Preferred:
Certifications:
AWS Certified Security Specialty
AWS Certified Solution Solution Architect Associate
Microsoft Certified Azure Administrator Associate
Certified Information Systems Security Professional (CISSP)
Excellent written and verbal communication skills, interpersonal and collaborative skills
Experience with documenting an as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations preferred
Experience with scripting in Concourse, Bash, PowerShell, Python, Groovy, or Ruby
Experience with automation tools, including Pivotal, Chef, Terraform, CloudFormation, or Ansible
About
steampunk
Steampunk relies on several factors to determine salary, including but not limited to geographic location, contractual requirements, education, knowledge, skills, competencies, and experience. The projected compensation range for this position is $100,000 to $175,000.
The estimate displayed represents a typical annual salary range for this position. Annual salary is just one aspect of Steampunk’s total compensation package for employees. Learn more about additional Steampunk benefits here.
Identity Statement
As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.
Steampunk is a
Change Agent
in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors.
Through our
Human-Centered delivery methodology , we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges.
As an
employee owned company , we focus on investing in our employees to enable them to do the greatest work of their careers – and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com.