Resumo da vaga

Cloud Security Engineer (AWS)

Requisitos e responsabilidades

Conteúdo da vaga extraído em seções para revisão mais rápida.

What You Will Do:

  • We are seeking an experienced AWS Security engineer to design, implement and maintain security controls across AWS cloud environments.
  • This role will focus on safeguarding cloud workloads, ensuring compliance with industry standards, and driving leading/best practices in identity management, monitoring, and threat detection.
  • The ideal candidate is hands-on with AWS security services, has deep knowledge of cloud security frameworks, and can partner with engineering and operations teams to embed security into the system.
  • Design and implement secure architecture within AWS using services such as IAM, KMS, CloudTrail, Config, and third-party tools/services
  • Implement and manage centralized logging, monitoring, audit monitoring, incident triage and alerting solutions. Conduct threat modeling, vulnerability scanning, and penetration testing.
  • Compare the system environment with applicable security requirements (CIS Benchmarks, NIST, HIPAA, FedRAMP, SOC 2 etc.) as applicable and chart a path towards compliance.
  • Support incident detection, investigation and response within AWS workloads. Maintain and monitor audit trails across accounts and services. Work with compliance and risk teams to align security with regulatory requirements.
  • Maintain security control documentation
  • Support Disaster Recovery/Continuity of Operations (DR/COOP) tests
  • Support audits and other compliance related requests

What You Will Need:

  • US Citizenship is required.
  • Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse. Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred.
  • Bachelor’s degree from an accredited university.
  • Minimum of TWO (2)+ years of relevant work experience.
  • Experience in cloud security or cybersecurity roles focused on AWS security.
  • Expertise in AWS core services (EC2, S3, RDS, Lambda, ECS/EKS, CloudFront, Route 53, IAM, etc.)
  • Knowledge of CI/CD pipelines, GitHub Actions audit, CodeBuild job review, artifact migration, secrets verification, deployment dry runs, rollback prep, cutover support.
  • Knowledge of tax-processing, tax compliance, case management, and taxpayer data are highly preferred.
  • Experience in organizing, directing, and managing multiple, complex, and interrelated application development and testing tasks.
  • Experienced in the following: Monitoring AWS/Databricks telemetry by leveraging AWS tools (GuardDuty) or third party monitoring tools selected by clientManaging access, including granting and removing, supporting integration with an IGA solution, identifying stale accountsRotating keys/certificates by leveraging KMS (AWS tool)Enforce encryption for data in transit/at restGenerating or supporting the generation of information for access entitlementTrack and remediate vulnerabilities/ Plan of Action and Milestones (POA&Ms)
  • Monitoring AWS/Databricks telemetry by leveraging AWS tools (GuardDuty) or third party monitoring tools selected by client
  • Managing access, including granting and removing, supporting integration with an IGA solution, identifying stale accounts
  • Rotating keys/certificates by leveraging KMS (AWS tool)
  • Enforce encryption for data in transit/at rest
  • Generating or supporting the generation of information for access entitlement
  • Track and remediate vulnerabilities/ Plan of Action and Milestones (POA&Ms)
  • The individuals should be responsible for technical quality and coordination with government technical leads throughout information technology (IT) and shall be available during normal hours of operation.
  • Proven ability to work autonomously and collaborate, mentor, help, and support other team members, as needed to solve complex operational and reliability problems.
  • Strong development background in Python, Bash or similar

Details

  • Monitoring AWS/Databricks telemetry by leveraging AWS tools (GuardDuty) or third party monitoring tools selected by client
  • Managing access, including granting and removing, supporting integration with an IGA solution, identifying stale accounts
  • Rotating keys/certificates by leveraging KMS (AWS tool)
  • Enforce encryption for data in transit/at rest
  • Generating or supporting the generation of information for access entitlement
  • Track and remediate vulnerabilities/ Plan of Action and Milestones (POA&Ms)

What Would Be Nice To Have:

  • AWS Certified Security – Specialty (Highly desirable).
  • Advanced Cloud and/or advanced Databricks certifications in good standing, at the time of contract award and throughout the period of performance is highly preferred.
  • AWS Certified Solutions Architect or DevOps Engineer certifications.
  • CISSP, CISM or GIAC certifications.

Benefits include:

  • Medical, Rx, Dental & Vision Insurance
  • Personal and Family Sick Time & Company Paid Holidays
  • Parental Leave
  • 401(k) Retirement Plan
  • Group Term Life and Travel Assistance
  • Voluntary Life and AD&D Insurance
  • Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
  • Transit and Parking Commuter Benefits
  • Short-Term & Long-Term Disability
  • Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
  • Employee Referral Program
  • Corporate Sponsored Events & Community Outreach
  • Care.com annual membership
  • Employee Assistance Program
  • Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
  • Position may be eligible for a discretionary variable incentive bonus
Vagas similares

Mantenha uma lista reserva.

Ver stack
FocoCloud Security EngineeringÁrea da vaga
Sinal de senioridadeSeniorNível do candidato
StackAWS, CI/CD, PythonSkills principais
Localização1 país aceitoElegibilidade

Stack

Use estas tags para comparar vagas remotas similares.

Elegibilidade de localização

Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.

Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.

Fluxo de contratação

O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.

1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.
Aplicar no site da empresaSite da empresaAbrir link