Jobs · Information Technology · Maryland

Senior Cloud Cyber Security Engineer - TS/SCI

VMD Corp · Bethesda, MD · 2 mo ago
On-siteInformation TechnologyFull-time

Responsibilities

  • Develop and maintain security policies, procedures, and best practices for cloud and cloud-native environments
  • Perform security assessments, vulnerability management, and risk analysis for cloud-based systems across secure enclaves
  • Implement and manage security controls for Kubernetes clusters and containerized applications
  • Ensure integration of security measures into CI/CD pipelines and DevSecOps processes
  • Conduct security reviews of cloud architectures, service configurations, and system design changes to understand the impact to security controls
  • Develop and maintain ATO packages and ensure compliance with DOD/IC standards and frameworks such as DODI 8500 series, NIST SP 800-37, SP 800-53, CNSSI 1253, ICD 503
  • Implement and manage continuous monitoring solutions for cloud environments
  • Collaborate with development teams to ensure secure coding practices and perform code reviews
  • Stay current with emerging cloud security threats, technologies, and best practices

Requirements

  • Active or current Top Secret with SCI eligibility and ability to obtain Polygraph
  • Bachelor’s degree in a related field and 8+ years of industry experience with 5+ years in cybersecurity or additional years of experience in lieu of degree (ISSO experience must be supplemented with demonstrated technical expertise)
  • 5+ years securing cloud-based software applications and infrastructure as well as the implementation of security controls to controlled cloud environments
  • 5+ years of experience hardening Linux hosts and automating DISA STIG implementation
  • Demonstrated experience securing Kubernetes platforms (secrets management, RBAC, etc.) and integrating security into CI/CD pipelines and containers; must understand microservices architecture and service mesh
  • Demonstrated experience developing A&A packages to obtain and maintain ATO in secure environments
  • Strong knowledge of compliance frameworks NIST SP 800-37, SP 800-53, CNSSI 1253 and applicable DOD
  • Experience with tools such as Xacta or eMass, performing vulnerability compliance scans, and assessing STIG compliance
  • Experience with scripting languages such as Bash and Python for automation
  • Understanding of secure software development practices and code reviews
  • Experience with encryption and transport, especially in the cloud

Preferred Qualifications

  • Multiple IAT/IAM II or III advanced certifications (e.g. CISSP-ISSAP/ISSEP, CISM, CCSP, Security X/CASP+)
  • Cloud certifications such as AWS Solutions Architect (Associate or Professional), AWS Security Specialty
  • Kubernetes certifications such as KCNA, CKA, CKSP
  • Prior Linux administration experience and certifications such as Linux+, Red Hat certifications (e.g. RHCSA, RHCE)
  • Experience with ICD 503 and related compliance directives, policies, procedures
  • Experience with security tool such as Splunk, Nessus, SonarQube, as well as DAST & SAST tools such as Prisma Cloud and SonarQube
  • Experience applying Zero Trust framework to secure systems
  • Prior network engineering experience
  • Experience applying security controls to Generative AI implementations

Similar jobs

Senior Cloud Engineer - TS/SCI

Parsons CorporationCentreville, VA· 5 days ago
Information Technology$112k–$196k/yrapply on parsons.wd5.myworkdayjobs.com