AWS Security Engineer (Firewalls)-Telework available

19 May 2024

Vacancy expired!

The responsibilities encompass collaborating with other DevOps and SysOps teams to transition public-facing, on-premise applications to the cloud; securing the configuration management of the cloud infrastructure; mitigating risks, and applying security controls to improve visibility and diagnostics in compliance with governing Federal requirements and security best practices.

  • Developing and deploying infrastructure as code (IaC) scripts to implement and optimize security controls and mechanisms of a cloud infrastructure.
  • Acting as the subject matter expert for cloud security and tools such as Security Information and Event Management (SIEM), access control mechanisms, Intrusion Detection and Intrusion Prevention Systems (IDS/IPS).
  • Experience with Cisco ASA Firewalls or other firewalls/security devices(Juniper/Palo Alto) in an enterprise environment.
  • Monitoring cloud infrastructure and pro-actively mitigate potential incidents before service degradation occurs.
  • Providing guidance to our DevOps teams developing on public cloud platforms, advising on security standards for cloud deployment, and working to identify common patterns for template provisioning.
  • Conducting assessments of security controls for new and existing cloud systems; creating and maintaining as-built system documentation, architecture diagrams, and online collaborative documentation.
  • Determining security modes of operation and recommending new or revised security measures and countermeasures for current security challenges.
  • Collaborating with team members to continue to evolve and implement a state-of-the-art secure cloud infrastructure.

Required Qualifications and Experience:
  • Minimum of 5+ years of directly relevant experience in system security administration. A Bachelor's degree in computer science, cyber security, engineering, or other related discipline would be viewed favorably but does not negate the minimum experience requirement.
  • Experience in designing and implementing an enterprise-wide cloud security architecture.
  • Proficiency with SIEM and vulnerability management solutions.
  • Experience using common networking tools to aid in troubleshooting, including nmap, Wireshark, tcpdump, etc.
  • Proficiency in one or more scripting languages: Python, Perl, PowerShell, or Bash.
  • Proficiency with TCP/IP/UDP ports and protocols, IDS/IPS, Network Access Control List (NACL), Access Control Lists (ACL), and Security Group (SG) applications.
  • CISSP certification or ability to obtain within first six months of employment.
  • Strong written and verbal communications skills.
  • Ability to obtain Level 2 Secret (ANACI) clearance if required.
Desired Qualifications and Experience:
  • Creating and editing AWS Cloud Formation scripts.
  • Securing and monitoring Kubernetes.
  • Managing and monitoring a centralized AWS logging architecture (e.g., Splunk).
  • AWS Certified Security - Specialty, ISC2, or Cloud Security Alliance.

  • ID: #41157134
  • State: Maryland Bethesda 20810 Bethesda USA
  • City: Bethesda
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2022-05-19
  • Deadline: 2022-07-17
  • Category: Security