Principal AWS Security Engineer

Us...

We were founded as a fresh alternative in the Government Consulting Community and are dedicated to the belief that results are a product of analytical thinking, agile design principles and that solutions are built in collaboration with, not for, our customers. This mantra drives us to succeed and act as true partners in advancing our client's missions.

Program Mission...

The program provides Security Program Support Services to the National Institute of Health (NIH).

As a Principal AWS Security Engineer, you'll join a Cyber Security Ops organization that supports a leading federal healthcare client.

Responsibilities:

• Implementation and hardening of cloud environments by clearly establishing the tenant boundary and implementing a defense-in-depth approach.
• Lead AWS team; provide guidance and/or mentor team members as appropriate.
• Provide expertise on AWS and other related solutions; conduct research, develop write-ups, perform cost benefit analyses and provide recommendations on as needed basis.
• Assume role of Senior Advisor to client; develop ad hoc presentations/slides and create documents using MS Office products and present to client leadership as requested!
• Must be available outside of regular office hours to support troubleshooting and response to system issues as needed on 24/7/365 basis
• Architect, engineer, and maintain complex cloud environments.
• Implementation of the principle of least privilege for tenants and their subscriptions.
• Configure, collect, analyze AWS logs from different sources such as; platform logs, performance data from virtual machines, and application logs.
• Create queries, alerts, reports and dashboards.
• Evaluate, architect, deploy and maintain AWS infrastructure resources including network, VM, storage accounts, and all networking configurations.
• Ensure best practices of security requirements are deployed for an information system.
• Analyze scan results, and document findings for compliance.
• Develop assessment programs.
• Assist with cyber incidents as necessary.
• Assist with forensics and analysis when appropriate.
• Comment on new ODNI/NIST standards / regulations as applies to client environment.
• Employ best practices when implementing security requirements and working on or in a system.
• Participate in security exercises and working groups as applicable.
• Maintain current knowledge of relevant technology as assigned.
• Participates in special projects as required.

Requirements:

• Twelve (12) or more years of work experience with at least one of those specialized in cyber security.
• A minimum of five (5) years technical experience effectively providing network and/or systems administration, information assurance security, testing and evaluation.
• Must have scripting knowledge with PowerShell, Python, Bash, or similar.
• Experience with CI/CD containers and how to secure them.
• Understand the risks Government Agencies face and how to use the AWS to design and implement "Zero Trust - Identity and Data Centric" solutions that will mitigate these risks and ensure compliance.
• High technical ability/aptitude, demonstrated through prior technical experience and accomplishments.
• Experience in applying security to cloud technologies (Managing secrets, Securing CD pipeline, Secure Infrastructure as Code, Container Security, DevSecOps and CI/CD Implementation.).
• Attention to details.
• Critical thinking skills.
• Analytic skills and experience.
• Strong teamwork and collaboration skills.
• Good written and verbal communication skills.
• Ability to pass a security clearance background investigation.
• Ability to work independently.
• Ability to manage workload effectively and perform in agile environment where tasks and priorities may often shift.
• Ability to work on occasional weekends and holidays.
• Proficient in MS Office (Word, PowerPoint, Excel) and MS Project.
• Excellent command of English language in speaking and writing.
• Experience in a rapid paced, time sensitive, high-quality environment.
• History of ethical performance.
• Exhibit strong consultative skills,client delivery, business development, and proposal development experience.
• Strong management, teamwork, and interpersonal skills against difficult due dates and timelines.
• Strong written and verbal skills to effectively communicate at all levels in government and industry.

Desired:

• Experience working in an agile environment and managing tasks in Jira.
• Certifications in information security (such as GCIA, GCIH, CEH, CISSP, SSCP, Sec , AWS Security, etc.).
• Experience in a cyber security operational environment.
• Current Security clearance.
• Knowledge and experience using an incident response framework.
• Programming or scripting experience.
• Server and/or application administration experience.
• Knowledge of Federal contract vehicles.
• Experience with government contracting firms supporting the Federal government.

Years of Experience: Twelve (12) or more years of work experience with at least one of those specialized in cyber security and a minimum of five (5) years technical experience effectively providing network and/or systems administration, information assurance security, testing and evaluation (See "Requirements" for more information).

Education: Bachelor's.

Location: Bethesda, MD or a remote work option available with periodic travel to Bethesda, MD.

Clearance: U.S. Citizenship required and ability to attain a Level 6: Public Trust - High Risk clearance which must undergo a Suitability Determination that includes a Background Investigation (BI) with Periodic Reinvestigation (PRI) reinvestigation every ten years.