Job Title: AWS Security Engineer
Location: Washington, DC (Remote) – Must be local
Clearance Required: Active Secret Clearance (or higher)
Program: Department of State (DOS) ADD Program
Job Description:
As an AWS Security Engineer supporting the DOS ADD program, you will integrate robust security practices into cloud-based, mobile, and on-premises systems, ensuring the security and compliance of AWS environments. This role involves designing, implementing, and managing security controls across various environments and aligning cloud infrastructure with the Department of State's compliance and risk management objectives.
Key Responsibilities:
- Cloud Security Integration: Implement security defense, protection, detection, and response capabilities across cloud and hybrid environments, including AWS and mobile systems.
- CI/CD Pipeline Security: Lead the integration of static and dynamic security testing into CI/CD pipelines (GitLab) to enable faster iteration and secure deployments. Ensure that security vulnerabilities are detected and resolved early in the development lifecycle.
- Container Security & Orchestration: Manage Kubernetes and Docker container security, ensuring scalable and secure operations across multiple environments. Implement container isolation strategies to minimize risks and improve security across CI/CD stages.
- Infrastructure as Code (IaC): Lead the shift to IaC using Terraform and AWS CloudFormation, with automated scanning and remediation of security vulnerabilities in cloud resource configurations prior to deployment.
- Secrets Management: Implement secure secrets management protocols to protect sensitive data across different environments and services. Ensure that the organization adheres to the highest standards of security for data protection.
- Security Automation & Governance: Develop and enforce AWS Service Control Policies (SCPs) to govern security risks across different operational environments (Development, Testing, Staging, Production) and ensure compliance with organizational and federal regulatory requirements.
- Collaboration & Compliance: Work closely with the ISSO and System Owner to represent security interests during audits and assessments, securing multiple Authorizations to Operate (ATO) and maintaining compliance with FedRAMP, ITAR, and NIST standards.
- Risk Management: Conduct comprehensive risk evaluations in collaboration with CISA, assessing cloud environments across numerous AWS accounts. Identify vulnerabilities and enforce risk-based policies to align cloud infrastructure with compliance standards.
Qualifications:
- Experience: 5+ years of experience in cloud security, with a strong focus on AWS environments, security automation, and compliance.
- Certifications: AWS Certified Security – Specialty, AWS Certified Solutions Architect, or equivalent.
- Technical Expertise:
  - Strong hands-on experience with AWS security tools, including GuardDuty, Security Hub, IAM, and KMS.
  - Extensive knowledge of CI/CD pipeline integration (GitLab), with security testing tools for continuous delivery.
  - Proficiency in container orchestration and security with Docker and Kubernetes.
  - Expertise in Infrastructure as Code using Terraform and CloudFormation, with a focus on security automation.
  - Proven track record in implementing security policies, IAM configurations, and environment isolation in AWS GovCloud.
- Compliance Knowledge: Advanced understanding of U.S. government compliance frameworks, including FedRAMP, NIST 800-53, and ITAR.
- Clearance: Active Secret clearance or higher required.
Preferred Skills:
- Familiarity with DevSecOps practices and the integration of security scanning into CI/CD workflows.
- Experience working with Department of State or other federal agencies, particularly in securing Authorizations to Operate (ATO).
- Hands-on experience with AWS Service Control Policies (SCPs) and secrets management solutions.
Improvix Technologies is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status. We encourage individuals of all backgrounds to apply.
For any questions or additional information regarding this role, please feel free to reach out to us at recruiting@improvixtech.com. We look forward to hearing from you!
Last updated on Oct 17, 2024