Click here to login or register
Reference # : 18-02539 Title : Security Engineer - IV
Location : Ashburn, VA
Position Type : Contract
Experience Level : Start Date : 09/14/2018  
Description
Description: Cloud Security Engineer/SME:
The candidates shall have a minimum of seven (7) years of experience in cloud security in Cyber Security. If the candidate has a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field, five (5) years of experience in incident detection and response, and cloud engineering/security is required.


This is a hands-on role that requires a high degree of technical security expertise within the AWS ecosystem. You will be the person responsible for security related tasks, including the implementation and day-to-day administration of Information Security solutions, and optimizing configurations for effectiveness. Your primary responsibilities include performing assessments of security architecture, making practical recommendations to reduce risks, and then help realize the change, as well as the prevention and remediation of security vulnerabilities within AWS using existing or new solutions. Your daily task will have you interacting closely with personnel from other functions in Information Security, Cloud Ops, R&D, and Product Management.

Assist teams in complying with cloud security controls Design/apply common security controls and control inheritance guidelines to support a component-based application of the security architecture.
Develop and mature the security controls matrix that consolidates all applicable security controls and associated control type, control owners, implementation and status Support continuous monitoring of the system through attendance at change management meetings, identifying impacts to security, performing assessment and communicating impact to security posture with recommendations and ongoing security control assessments and updates to key documentation.
Measure compliance against standards
Performs requirements analysis, and develops software architectures to meet requirements Provide training on technologies to other engineers and team members Strong multi-tasking and organizational skills Ability to prioritize simultaneous high visibility projects Configure and maintain automation and scripting via PowerShell, Python, Perl, or Bash Develop System Security Plans working with the engineering and operations teams to identify strategies for control implementation Develop system-specific policy, process and procedures ranging from access control, vulnerability management and key management Develop other security-related documents required for authorization such as categorization, contingency plans, incident response plans and privacy impact assessments Develop procedures to automate security tasks during code builds and deployments Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes.


Your skills:

Knowledge of network based, system level, and application layer attacks and mitigation methods Experience configuring/sending pertinent security data from SIEM solutions and AWS audit, logs, and reports Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO 27017 Experience in DevOps environments and maintaining security in CI/CD processes Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment Experience with a broad range of security technologies including, SAST, DLP, IDS/IPS, IAM, Certificate Management, etc Experience working with container technology including Docker and Kubernetes Knowledge of AWS automation strategies and tools Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security Ability to clearly and effectively communicate concerns, issues to other teams Experience in developing, documenting, and maintaining security procedures Proficient in AWS CLI, Bash, and Python Must have knowledge of cloud automation and deployment frameworks with regards to their use in highly available environments (Lambda/CloudFormation/Azure Resource Manager/Azure Functions)