Cloud Security Engineer - Washington, DC
Washington, DC

Job Description

Cloud Security Engineer

The Cloud Security Engineer should possess demonstrable experience working in at least one of the following cloud environments: AWS, Azure, or Google. The Cloud Security Engineer should be well versed in the architecture and design of the respective cloud including associated services, how the cloud interconnects with agencies, and, specifically, how to conduct business within the cloud environment in a secure manner.

Responsibilities and Duties:

Understand architectural development for cloud automated frameworks for Security Tool deployment and development, leveraging various scripting languages and open source solutions

Understand architectural, design and implement monitor security measures related to computer networks and software testing and validation procedures, programming and documentation (Cloud Security, Application Security, Vulnerability Management, Machine Learning, AI Sandboxing)

Understand cloud security plans that implement systems and procedures to effectively secure company information, infrastructure, intellectual property, and users against accidental or unauthorized modification, destruction or disclosure.

Work autonomously in an area of specialization to analyze internal security and provide relevant information to internal and external customers, suppliers, and partners.

Have a deep understanding of API Security, Container Security, Cloud Security to carry out ISSO related duties

Understand and interpret cloud services that are offered on a platform, to include 3rd party services

Ability to determine cost associated with cloud services and address anomalies accordingly

Work with assigned system stakeholders to understand their cloud infrastructure to adequately support the USCIS mission

The contractors staff shall have skill sets to perform computer incident response and remediation practices as outlined in NIST 800-61 (Computer Security Incident Handling Guide) and DHS 4300A Sensitive Systems Policy Handbook, Attachment F Incident Response. The contractors staff will assist the USCIS Security Operation Center (SOC) on incident response actions for security incidents affecting the USCIS Cloud environment.

Assist with the implementation of monitoring capabilities for various audiences developers, business owners, security, and infrastructure; analyze all platform level, network changes and monitor impact and provide appropriate technical solutions to resolve issues efficiently; evaluate and document operating baseline according to required standards.

Provide oversight of application packaging to ensure automation is being utilized for both the application and infrastructure builds throughout the development, test, and production environments. This includes the automation of server builds for VMs and maintenance of these builds utilizing chef scripting as deemed appropriate.

Utilize in-depth knowledge of infrastructure components (VMs, Security Products, Network ports and protocols, Databases, Middleware and open source code) to support DevOps in an enterprise environment to build, maintain and sustain an enterprise information technology DevOps operational model.

Provide technical support for enterprise infrastructure components (network, database, middleware, security and open source code) technology transitions and migrations to cloud services e.g. Platform as a Service, Infrastructure as a Service, etc.

Evaluate and implement automation of server and application builds and monitoring for multiple environments (Development, Test, Training, Production, and Disaster Recovery)

Perform as team lead or team member of a DevOps organization or environment

Perform other duties as assigned by the Government

Required Education & Experience:

Bachelors Degree or minimum of five (5) years of experience in security engineering or security operations;

A minimum of five (5) years of experience with analyzing, assessing and implementing corrective actions based on vulnerability management tools;

A minimum of five (5) years of experience managing IT projects and programs;

Personnel serving in this task order must be able to obtain and maintain a SECRET level clearance;

Active ISC2 CISSP certification or other comparable certification which must be approved in advance by the USCIS Government PM on a case-by-case basis;

Contractor shall be staffed in the Washington, DC metropolitan area, unless explicitly approved by the USCIS Government PM

Experience with cloud PaaS, SaaS and other cloud services

Experience with CI/CD - Deployment pipeline experience (Jenkins, Ansible, Terraform)

Experience or a strong knowledge of Data at Rest API design

Experience or a strong knowledge of programming languages (Python, Java etc.)

Experience or a strong knowledge of container/orchestration tools (Kubernetes, Docker, Puppet, etc.)

Log aggregation platform experience

Experience working with NIST SP 800-53, RMF, FISMA, DHS and DoD policies

Clearance: Must have an active Secret clearance

Location: Washington, DC

Job Type: Full-Time

Electrosoft Services, Inc. is a privately held, Information Technology (IT) professional services company with a special focus on cybersecurity. We have been serving Federal government since 2001. We are an 8(a) and EDWOSB firm with ISO 9001 and CMMI Level 3 certifications.

Individuals seeking employment at Electrosoft Services are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.