GA DHS Senior Cloud Security Architect

The Georgia Department of Human Services (DHS), Office of Information Technology is seeking qualified candidates for the temporary contractor staffing position of Senior CloudSecurity Architect in Atlanta, Georgia.

As a Senior AWS Security Architect, you will be responsiblefor designing and implementing secure, scalable, and resilient AWS cloudinfrastructures for our organization. You will work closely with engineering,operations, and DevOps teams to ensure the highest level of security throughoutour AWS environments. Your expertise will drive best practices for cloudsecurity, risk management, incident response, and security compliance in acomplex and dynamic environment.

Key responsibilities -

• Design, build, and maintain secure AWS cloudarchitectures, incorporating best practices for identity and access management,data encryption, network security, and secure software development lifecycle.
• Lead the development and execution of securitystrategies to protect AWS environments. Provide thought leadership and guidanceto technical teams on security-related matters.
• Perform cloud security risk assessments andvulnerability assessments. Propose mitigation strategies and work closely withstakeholders to ensure the security of applications, data, and infrastructure.
• Leverage AWS security tools (e.g., AWS Shield,AWS WAF, AWS GuardDuty, AWS Security Hub, AWS IAM) to enforce security policiesand detect potential security incidents.
• Design and implement incident response plansspecific to AWS environments. Act as a lead in security incidents, conduct rootcause analysis, and guide teams on post-incident remediation and recovery.
• Ensure compliance with industry regulations andstandards such as NIST, HIPPA, IRS and SSA in AWS cloud environments. Driveaudit readiness and support security certifications.
• Collaborate with DevOps teams to incorporatesecurity into CI / CD pipelines, automate security testing, and ensure securecoding practices are followed throughout the software development lifecycle.
• Provide mentorship and training to securityengineers, developers, and other technical staff on AWS security bestpractices. Promote a security-first culture within the organization.
• Stay up to date with emerging threats,vulnerabilities, and new AWS security features. Continuously improving securityprocesses, tools, and practices to meet evolving security challenges.

Required / Desired Skills

Required / Desired Skills

SkillRequired / DesiredAmountof ExperienceBachelor's or master's degree in computer science, Information Security, Engineering, or related field. Required0Experience in IT security, with at least 10 years of hands-on experience securing AWS cloud infrastructures.Required15YearsProven track record in designing and implementing secure AWS cloud architectures.Highly desired0Expertise in security best practices for AWS, including encryption, access control, networking, monitoring, and auditing.Highly desired0AWS Certified Security.Required0CISSP, CISM, or other recognized security certifications.Required0Expertise in AWS architecture, security services, and compliance tools.Highly desired0Strong knowledge of network security, cloud infrastructure, IAM (Identity and Access Management), and encryption methodologies.Highly desired0Hands-on experience with infrastructure as code (e.g., Terraform, AWS CloudFormation).Highly desired0Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation and security tools.Highly desired0Experience in threat hunting, penetration testing, or security vulnerability assessments in AWS environments.Highly desired0Knowledge of containerization and serverless architectures in AWS (e.g., Docker, Kubernetes, AWS Lambda).Highly desired0

Questions

No.QuestionQuestion1Absences greater than two weeks MUST be approved by CAI management in advance, and contact information must be provided to CAI so that the resource can be reached during his or her absence. The Client has the right to dismiss the resource if he or she does not return to work by the agreed upon date. Do you accept this requirement?Question2Please list candidate's email address that will be used when submitting E-RTR. Question3Candidate must be paid the rate of BR if selected for engagement therefore the SRP rate cannot exceed BR. Do you accept this requirement? Question4The maximum mark-up for this engagement's SRP rate is 35%. To be competitive on pricing, a mark-up below the 35% threshold is suggested. Do you agree to propose a mark-up at or below 35%?Question5This assignment is contingent upon customer renewal and availability of adequate funding. Do you accept this requirement?Question6The selected candidate will be expected to start their engagement no later than 2 weeks (10 business days) from the client's selection date. Do you accept this requirement?Question7HYBRID work option : However, the selected candidate must be available to report onsite as directed by the client. Do you accept this requirement?