Sr. Cloud Cybersecurity Engineer

Provide technical subject matter expertise for a small team focused on adopting an array of Cloud-based technologies and services. The engineer should be looking to apply their experience with AWS, Azure, Google and other IaaS, PaaS, SaaS technology and services to assist in solving the technical challenges faced by our customers. The team evaluates new solutions to ensure that they are designed, engineered, and deployed to meet the security objectives in mission-focused environments.

The Cloud Cybersecurity Engineer will be responsible for evaluating designs and helping to engineer cloud-based solutions for customers in their transition to Cloud and hybrid infrastructure. The individual will assess and support the integration of new security features (CSP security tools, CASB, etc.) into existing infrastructures, provide gap analysis of cybersecurity features, and relate the existing system to future needs and trends. Working closely with project leads, the Cloud Cybersecurity Engineer will provide engineering recommendations that align technical and security capabilities that support business needs. The individual will also evaluate proposed cloud infrastructure changes to ensure security protections remain effective.

As part of a small team, the Cloud Cybersecurity Engineer will focus on providing Cloud expertise on methodical architecture evaluation, networking and firewall rule evaluation, and intrusion detection and prevention sensor (IDPS) deployment in cloud environments that enable continuous monitoring.

As a key contributor to a large program, the Cloud Cybersecurity Engineer must be able to support specific projects and other team members with projects, from inception through full implementation. They must share responsibility and information with peers to facilitate open communication open and the successful implementation of projects.

• Work with customer to engage project managers in understanding security requirements and best practices;
• Evaluate proposed Cloud architecture and protection changes to evaluate potential risks and determine effectiveness;
• Research emerging Cloud and security technologies, policies, and best practices; apply to wide array of customer needs;
• Maintain awareness of current threats in support of security solution development efforts;
• Work across Cloud technology teams to enhance/reinforce security in Cloud infrastructure efforts and behaviors;
• Provide briefings and written recommendations to senior leadership on major new technologies, issues, and changes that impact cyber risks;
• Provide technical expertise, working independently and with team members, to ensure maximum cybersecurity protections;
• Prepare and provide written and verbal recommendations for mitigating cyber risks across a wide array of technologies, including Cloud;
• Document the standard operating procedures for supporting each capability and recovering from any system degradation;
• Provide technical expertise to meet current and future security design, as well as architecture requirements for IaaS, PaaS, and SaaS implementations;
• Collaborate with fellow team members and various stakeholders, sharing information and knowledge to establish and maintain a productive line of communication.

• Bachelor’s Degree in relevant field
• Minimum five (5) years of experience in enterprise systems lifecycle management, structured system development methodologies (preferably Information Engineering with a focus on cloud technology), structured analysis, and/or information systems development or a relevant technical discipline
• Three (3) years of experience engineering/administering cloud solutions for IaaS, PaaS and SaaS
• Demonstrated experience working with network routing, virtual private networks (VPN), software defined networking (SDN), and Public Key Infrastructure (PKI)
• Proficiency in network protocol analysis, firewall, cryptographic standards and related technical protection rule analysis for both cloud and hybrid infrastructure.
• Strong understanding of network security monitoring principles, including IDS placement, both Cloud-based and on premise, supporting a hybrid infrastructure (host and network based)

• MS in related field
• Experience with the implementation and support of advanced Identity and Access Management solutions, including directory services, PIV, single-sign on, authentication services, privileged access management, and federation (OAuth, OpenID, SAML, etc.)
• Experience in Linux/Unix, shell scripting
• Experience in Powershell
• Experience with container technologies
• Desired Certifications: CISSP, CCSP, ISSAP, ISSEP, CCNP, RHCE, CEH, AWS, Azure