Job Information
KeenLogic Cloud Security Engineer in Arlington, Virginia
KeenLogic is seeking to hire a Senior Cloud Security Engineer (Azure/AWS Technical Advisor) to join our team at the Drug Enforcement Administration. As a Cloud Security Engineer, you will play a crucial role in designing, implementing, and maintaining security measures to protect an organization's cloud-based infrastructure and data. This role requires a deep understanding of cloud technologies, security best practices, and a proactive approach to identifying and mitigating security risks.
Cloud Security Engineers use technical guidance and engineering best practices to securely build and scale cloud-native applications and configure network security defenses within the cloud environment. These individuals are proficient in identity and access management (IAM), using cloud technology to provide data protection, container security, networking, system administration, and zero-trust architecture.
Cloud Engineers must have a comprehensive knowledge of FISMA, NIST, NSA, and other information security, cybersecurity, UAM, and CDM-related industry policies, standards, procedures, guidelines, best practices, developing, engineering, implementing, testing, evaluating, configuring, monitoring, and maintaining cybersecurity, UAM, CDM, insider threat detection/analysis incident detection/analysis, and vulnerability compliance and assessment software and hardware.
Personnel assigned to this role will serve primarily on the ISSO as a Service (ISSaaS) team. The designated contract team member for the ISSO as a Service (ISSaaS) team is considered Key Personnel.
This is a full-time position offering Fortune 500-level benefits, PTO, 401k, and Life Insurance, and monthly reimbursement for travel. This position is based in Arlington, VA and follows a 3x2 schedule, 3 days a week onsite and 2 days of remote work.
Required Qualifications:
Active Secret clearance
Must be eligible for Top-Secret clearance
Master’s degree in Computer Science, Information Systems, or Information Technology Engineering, Information Technology Management, Business Management, or task order specific discipline or related field, equivalent work experience or equivalent educational and/or qualifications, and ten years of documented relevant work experience
Certifications: DoD IAT, IASAE, or CSSP Level II or III or equivalent
10+ years of experience in any combination of cloud cybersecurity, cloud security engineering, and/or cybersecurity experience.
Experience in network, system, software, and/or cloud architecture; design, implementation, support, and evaluation of security-focused tools and services
Job Duties:
Design and implement secure cloud architecture for various cloud platforms (AWS, Azure, & GCP)
Collaborate closely with architects and developers to ensure security is integrated into the entire cloud environment
Implement and manage security monitoring tools for cloud environments
Respond to and investigate security incidents, providing timely resolution
Ensure cloud environments comply with industry standards and regulations
Implement and monitor governance frameworks for cloud security
Develop and maintain scripts or automation tools for security tasks
Implement DevSecOps practices to integrate security into the CI/CD pipeline
Conduct regular vulnerability assessments and coordinate remediation efforts
Keep abreast of emerging threats and vulnerabilities in cloud environments
Maintains all documentation
Supports and develops automation
Develop in languages such as Bash, PowerShell, Python
Maintains/enhances knowledge of related (AWS / Azure / GCP / OCI) cloud services
Monitors and tunes the cloud systems to achieve optimum performance levels
Propose and implement cloud infrastructure transformation and automation based on customer requirements
Assist in building, troubleshooting, and optimizing container-based cloud infrastructure
Assist in selecting, implementing, and tuning configuration management (CM) technology platforms
Assist in ensuring operational readiness for launching secure and scalable workloads into public and hybrid cloud environments
Work to validate existing infrastructure security, performance, and availability and make recommendations for improvements and optimization
Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements
Preferred Qualifications:
Any combination of security engineering experience in the following areas: AWS GOV Cloud, SPLUNK, tools (CORE, SOAR, ES, UBA), SIEM , Azure Cloud, Kubernetes, Docker, Rancher, Linux, or windows command line experience. (AWS, Ali Cloud, Azure), Familiarity with CloudFormation, EC2, EMR, S3, Redshift, RDS, SQS and AutoScaling Groups, and container orchestration is a plus
AWS Certified Cloud Practitioner, AWS Certified Solutions Architect – Professional, AWS DevSecOps Engineer, AWS Solutions Architect Associate, AWS Security Specialty
Azure Fundamentals, Azure Data Fundamentals, Azure Ai Fundamentals, Azure Security Engineering Associate, Azure Solutions Architect Expert
AWS Inspector
AWS GuardDuty & Security Hub
Integrate AWS events with Azure Sentinel
3rd party firewall appliances – Palo alto
CyberArk – Installation & Configuration
Google Associate Cloud Engineer
Cloud Security Alliance: Certificate of Cloud Security Knowledge (CCSK)
SANS Institute Certification SEC541: Cloud Security Attacker Techniques, monitoring, and threat detection
SANS Institute Certifications: SEC 488: Cloud Security Essentials, SEC 540: Cloud Security and DevSecOps Automation, SEC 388: Introduction to Cloud Computing and Security
Experience briefing and building visualization for executive leadership, PowerBI & API use, risk assessment through data aggregation.
Education Substitution:
Any combination of certificates such as:
AWS Certified Cloud Practitioner, AWS Certified Solutions Architect – Professional, AWS DevSecOps Engineer, AWS Solutions Architect Associate, AWS Security Specialty
Azure Fundamentals, Azure Data Fundamentals, Azure Ai Fundamentals, Azure Security Engineering Associate, Azure Solutions Architect Expert
Google Associate Cloud Engineer
Cloud Security Alliance: Certificate of Cloud Security Knowledge (CCSK)
SANS Institute Certification SEC541: Cloud Security Attacker Techniques, monitoring, and threat detection
SANS Institute Certifications: SEC 488: Cloud Security Essentials, SEC 540: Cloud Security and DevSecOps Automation, SEC 388: Introduction to Cloud Computing and Security
May be considered equivalent to two (2) year of general experience. Certificates under the DoD IAM, IAT, IASAE, or CSSP Levels II or III may be considered equivalent to two (2) years of relevant experience.
Any combination of certificates such as Microsoft’s MCSE, or Cisco’s, CCNA, CCDA, or CCNP, may be considered equivalent to two (2) year of general experience / information technology experience.
Certificates under the DoD IAM, IAT, IASAE, or CSSP Levels I, II, or III may be considered
Powered by JazzHR