Senior Cloud Security Engineer (Incident Responder) (Secret Clearance Required) Partners Data Systems
Arlington, VA

Job Description

TO BE CONSIDERED FOR THIS POSITION YOU MUST HAVE AN ACTIVE SECRET SECURITY CLEARANCE (U.S. CITIZENSHIP REQUIRED)

Since our founding in 2001, AIS has provided a supportive place to work for technologists to research, create and support mission critical cyber security solutions. We have built a reputation for hiring talented and motivated individuals in both our services and R&D organizations. We focus on growing and developing the skills of our employees to ensure that our organization continually provides strong support to keep pace with the needs of our customer base while keeping true to our hacker roots - the Jolly Roger flies proudly outside of our Rome, NY HQ.

Top Benefits Include:

* 401k Plan With 7% Company Contribution - Fully Vested Day 1
* 100 % Company Paid Health Insurance Premiums (Blue Cross/Blue Shield)
* 4 Weeks of Vacation + 10 Paid Holidays (several floating/flexible)
* Flexible Working Schedules

Required Qualifications:

* Understanding of Static and Dynamic Malware analysis tools and techniques
* Ability to identify and communicate remediation steps for cybersecurity events
* Significant experience managing cases with enterprise SIEM systems like Splunk
* Expert Knowledge in Cloud computing and cloud technologies
* Cloud access security Broker (CASB)or similar experience securing SaaS offerings such as O365 GoogleApps and other cloud vendors.
* Handle cloud-based security incidents from identification through containment, eradication, recovery, and reporting
* In-depth knowledge of both Amazon Web Services (AWS), Azure including networking and serverless services such as Lambda or Functions.


* Knowledgeable in hybrid cloud deployments and federated identities.
* Develop and streamline resource log collection and management tools across multiple Cloud Service Providers and on-premise Hybrid environments.
* Experience in implementing security infrastructure and ecosystems utilizing APIs and event driven security response.
* Knowledge and understanding of application hosting, with experience using Cloud Services in an Infrastructure as a Service (IAAS) or Platform as Service (PAAS) environment.
* Programming/scripting experience in C++, BASH, Python, PowerShell within an Agile development environment.
* Must possess the ability to assess architecture and current system limitations.
* Expertise with one or more of the following tools:
* cloudtrails
* LogAnalytics
* Security Compliance Center
* Windows Defender ATP
* Tanium


* Expert understanding of Network protocols and packet analysis tools.
* Deep understanding of Windows and Linux operating systems network behavior
* Expert ability to recognize potential intrusion attempts and compromises through analyses of relevant event logs.
* Expertise leveraging situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
* Be able to author Standard Operating Procedures (SOPs) and training documentation when needed.
* The ability to take lead on incident research and response.
* Provides correlation and trending of cyber incident activity.
* Willingness to mentor and teach junior and mid-level analysts.
* Communicate Up, Down, and Across All Levels of the Organization and Technical Backgrounds
* Be able to provide timely and relevant security reports.

Certifications:

* One or more certifications, including but not limited to: CCSP, CCSK, AWS certified security specialty, Microsoft Azure Security Engineer, GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCNA (Security) or equivalent.

Experience:

* Senior: 3+ years monitoring and detection & cloud computing