AWS Cloud Security Engineer (CSE) 9/6/2019

Solutions By Design II, LLC Washington, DC

Washington, DC
AJE Ref #
Job Classification
Full Time
Job Type
Company Ref #
Mid-Career (2 - 15 years)



Washington, DC
TheAWSCloud Security Engineer (CSE)supports the security activities associated with evaluating, implementing, managing security practices and continued operations of new and existing technologies across all client cloud environments. The CSE understands how security in the cloud is similar to that of on-prem data centers and the key differences that require difference controls and different approaches. The CSE possesses demonstrable experience working in an AWS cloud environment and is well-versed in the architecture and design of the respective cloud including associated services, how the cloud interconnects with agencies, and, specifically, how to conduct business within the cloud environment in a secure manner

The Cloud Security Engineer shall be responsible for the following:

* Understand architectural development for cloud automated frameworks for Security Tool deployment and development, leveraging various scripting languages and open source solutions

* Understand architectural design and implement security measures related to computer networks, software testing, validation procedures, programming, and documentation as it pertains to Cloud Security, Application Security, Vulnerability Management, and Network Security

* Understand cloud security plans that implement systems and procedures to effectively secure company information, infrastructure, intellectual property, and users against accidental or unauthorized modification, destruction or disclosure

* Apply agile practices to analyze internal security and provide relevant information to internal and external customers, suppliers, and partners

* Work with assigned system stakeholders to understand their cloud infrastructure to adequately support the mission

* Understand and interpret cloud services that are offered on a platform, to include 3rd party services

* Ability to determine cost associated with cloud services and address anomalies accordingly

* Assist with the implementation of monitoring capabilities for various audiences - developers, business owners, security, and infrastructure; analyze all platform level, network changes and monitor impact and provide appropriate technical solutions to resolve issues efficiently; evaluate and document operating baseline according to required standards

* Provide oversight of application packaging to ensure automation is being utilized for both the application and infrastructure builds throughout the development, test, and production environments. This includes the automation of server builds for VMs and maintenance of these builds utilizing chef scripting as deemed appropriate

* Utilize in-depth knowledge of infrastructure components (VM's, Security Products, Network ports and protocols, Databases, Middleware and open source code) to support DevOps in an enterprise environment to build, maintain and sustain an enterprise information technology DevOps operational model

* Provide technical support for enterprise infrastructure components (network, database, middleware, security and open source code) technology transitions and migrations to cloud services e.g. Platform as a Service (PaaS), Infrastructure as a Service (IaaS), etc.

* Evaluate and implement automation of server and application builds and monitoring for multiple environments (Development, Test, Training, Production, and Disaster Recovery) Ability to perform computer incident response and remediation practices as outlined in NIST 800-61 (Computer Security Incident Handling Guide) and DHS 4300A Sensitive Systems Policy Handbook, Attachment F Incident Response. The contractor's staff will assist the Security Operation Center (SOC) on incident response actions for security incidents affecting the Cloud environment on an as needed basis

* Perform other duties as assigned by the G.