Cloud Infrastructure Security Engineer, Lead

McLean, Virginia, United States
Mar 19, 2019
Mar 21, 2019
Full Time
Job Description Job Number: R0037016

Cloud Infrastructure Security Engineer, Lead

Key Role:

Partner with federal and commercial clients to implement comprehensive Cybersecurity solutions in Infrastructure as a Service (IaaS) public Clouds in complex, high impact, and highly regulated environments. Lead a team of engineers in support of client engagements by delegating tasks, overseeing the quality of work produced, and providing mentorship. Analyze the creation of technical roadmaps, project plans, requirements, designs, and implementation plans in AWS, Azure, and Google. Leverage deep technical expertise, including knowledge of IT security compliance policies and expertise in administering virtual and Cloud computing solutions to advise and educate both technical and non-technical members of the client's organization and the firm to achieve objectives. Provide hands-on technical engineering and administration support and lead teams of engineers in the development of client and investment solutions. Apply automation, orchestration, and DevOps concepts and tools to accelerate implementation and operations activities and conduct research on emerging technologies and industry trends, including Cloud Access Security Brokers (CASBs) and Security Automation and Orchestration (SAO) for impacts to client challenges. Work closely with clients, leadership, and vendors to gain approvals, overcome obstacles, and reach consensus in the furtherance of the client's mission and the firm's Cloud security strategy.

Basic Qualifications:

-8+ years of experience with engineering or administering commercial enterprise or government IT systems and networks

-2+ years of experience with supporting production IT infrastructure systems in public IaaS Clouds, such as AWS, Azure, or Google

-2+ years of experience with implementing and supporting network and system security tools, such as network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS), anti-malware, vulnerability scanning, encryption, monitoring, or Identity, Credential, and Access Management (ICAM)

-1+ years of experience with leading teams of technical staff in the delivery of technical artifacts, and deliverables

-Knowledge of native Cloud security services in AWS and Azure, Cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication, and risk management, and the differences between traditional and Cloud architecture strategies

-Ability to automate the provisioning and configuration of IT environments with tools, such as CloudFormation, Puppet, Chef, Ansible, or PowerShell

-Ability to obtain a security clearance

-HS diploma or GED

Additional Qualifications:

-Experience with the full software or systems development life cycle, including requirements analysis, design, integration, testing, and implementation

-Experience with working in a network Security Operations Center (SOC) as an engineer or analyst

-Experience with implementing Docker Datacenter

-Experience with software development in one or more of the following languages: .NET, Java, PHP, Perl, Python, or Ruby

-Knowledge of federal IT and Cloud security policies, including FISMA, FedRAMP, NIST 800-53, and DoD Cloud SRG and applying them to the design and implementation of Cloud solutions to achieve an Authorization to Operate (ATO)
-Possession of excellent oral and written communication skills, including public speaking, prior publications, and speaking engagements in relevant industry or vendor forums

-BA or BS degree

-Security+ or CISSP Certification

-AWS Associate Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

CDM, SIG2017