Cloud Security Engineer – Senior

at Exeter Government Services, LLC
Published September 10, 2022
Location Tampa, FL
Category Default  
Job Type Full-time  

Description

Job Title: SOCOM - Cloud Security Engineer Senior

Location: MacDill AFB, Tampa FL

Required Clearance: TS-SCI

Certifications: DoD 8570 IASAE Level I II [ CISSP Information Systems Security Architecture Professional (ISSAP) or CISSP Information Systems Security Engineering Professional (ISSEP) ]

Required Education: Bachelor 's degree from an accredited institution; commensurate level of experience can be substituted for education requirement

Required Experience: Eight ( 8 ) years of progressive, relevant experience or equivalent combination of education and experience

Position Description:

Exeter is seeking a qualified professional to fulfill the role of t he on-site Cloud Cybersecurity Engineer . You will specialize in cloud technologies in varied environments, including, but not limited to, Amazon, Microsoft, and Google platforms. In addition, the successful applicant will have experience OR knowledge of Red Hat OpenShift cloud application platform. As the Cloud Infrastructure Cybersecurity Engineer at USSOCOM, you will be responsible for all cybersecurity risk

management and compliance initiatives relating to the use of the cloud computing environment. Primary function is to work with agile development teams across organizations, understanding the standard cybersecurity configurations for cloud computing and ensuring that all cybersecurity requirements in our cloud environments meet DoD and USSOCOM cybersecurity requirements. The ideal candidate is someone with Development Operations (DevOps) experience, with a solid background in designing and developing automation to support Continuous Integration and Continuous Delivery (CI/CD) processes. Must also have a working knowledge and understanding of application security toolsets used in the CI/CD DevOps pipelines. In addition, the cloud security engineer will provide cloud infrastructure cybersecurity engineer expertise, collaborate with agile development teams, integrate DevSecOps pipeline solutions, defining a cloud security baseline per product to ensure proper cybersecurity and compliance.

Primary Responsibilities:

  • Provide cloud cybersecurity guidance and direction in the design, development and implementation of automated solutions, based on a set of standards and processes that enable CI/CD developers to easily apply cybersecurity and compliance services

  • S upport s and coordinat es with other Engineers, Architects, and teams in implementing a comprehensive cloud and application security program in a DevOps environment

  • Manage cloud infrastructure cybersecurity standards and procedures

  • Member of the cloud Joint Validation Team; review and analyze cloud service provider artifact for completeness, consistency, compliance, and due diligence

  • Interface with application and infrastructure engineers

  • Develop cybersecurity plans and roadmaps and l everage DevOps tools to build, harden, maintain and instrument comprehensive cloud-based cybersecurity orchestration platform

  • Validate cloud infrastructure projects align with cybersecurity and compliance best practices

  • Participate in cloud design reviews and l ead cloud cybersecurity technology reviews

  • Perform risk and vulnerability assessments of cloud IT and IS for accreditation; prepare risk assessment reports for submission to SCA and AO in accordance with DoD, USCYBERCOM, USSOCOM policies, procedures, and regulations

  • Coordinate, manage and facilitate cloud cybersecurity compliance processes with internal and external stakeholders to provide timely deliverables and rapid remediation

  • Identify, assess, and advise on cloud related cybersecurity compliance risks and controls

  • Provide cloud cybersecurity expertise at technical meetings, reviews and briefings

  • Complete annual or periodic cybersecurity assessments of the cloud environment

    Required Qualifications:

  • Top Secret Sensitive Compartmented Information (TS/SCI) clearance required

  • DoD 8570 IASAE Level III [ CISSP Information Systems Security Architecture Professional (ISSAP) or CISSP Information Systems Security Engineering Professional (ISSEP) ]

  • Bachelo r's degree from an accredited institution; commensurate level of experience can be substituted for education requirement

  • Eight ( 8 +) years of progressive, relevant experience or equivalent combination of education and experience

  • Familiar with cybersecurity architecture design principles

  • Broad hands-on knowledge of firewalls, intrusion detection systems (IDS), data encryption and other standard cybersecurity techniques and practices

  • Strong experience in cybersecurity and information security and how it relates to all aspects of software/systems design and infrastructure

  • Hands on experience implementing cybersecurity solutions with a focus in Infrastructure as a Service (IaaS)/ Platform as a Service (PaaS) in an enterprise environment

  • Familiarization with Federal Information Processing Standards (FIPS)-199, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and DoD Cloud Security Requirements Guide

  • Through IT cybersecurity experience preferably in cloud implementation or maintenance

  • Experience OR deep knowledge of using containerization technology, including Open Container Initiative (OCI) compliant containers and OpenShift Container Platform (OCP)

  • Strong experience designing, developing and deploying cybersecurity tools and technologies for cloud architectures

  • Experience with container cybersecurity solutions such as Twistlock and source code scanning solutions such as Fortify

  • Proficient in a Linux or UNIX based environment; experience in Red Hat Enterprise Linux (RHEL) is considered a plus

  • Extensive experience implementing / enforcing application security / vulnerability management

  • Experience in DevOps and software engineering processes and procedures

  • Working knowledge of NIST Cybersecurity Framework and Cloud Security Alliance framework

    Desired Qualifications /Experience :

  • Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desire d

  • E xperience with AWS, Microsoft Azure and Google Cloud Platforms is considered a plus

    Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

    clearancejobs

Drop files here browse files ...