Senior Cloud Cyber Security Engineer - TS/SCI
VMD Corp · Bethesda, MD · 2 mo ago
On-siteInformation TechnologyFull-time
Responsibilities
- Develop and maintain security policies, procedures, and best practices for cloud and cloud-native environments
- Perform security assessments, vulnerability management, and risk analysis for cloud-based systems across secure enclaves
- Implement and manage security controls for Kubernetes clusters and containerized applications
- Ensure integration of security measures into CI/CD pipelines and DevSecOps processes
- Conduct security reviews of cloud architectures, service configurations, and system design changes to understand the impact to security controls
- Develop and maintain ATO packages and ensure compliance with DOD/IC standards and frameworks such as DODI 8500 series, NIST SP 800-37, SP 800-53, CNSSI 1253, ICD 503
- Implement and manage continuous monitoring solutions for cloud environments
- Collaborate with development teams to ensure secure coding practices and perform code reviews
- Stay current with emerging cloud security threats, technologies, and best practices
Requirements
- Active or current Top Secret with SCI eligibility and ability to obtain Polygraph
- Bachelor’s degree in a related field and 8+ years of industry experience with 5+ years in cybersecurity or additional years of experience in lieu of degree (ISSO experience must be supplemented with demonstrated technical expertise)
- 5+ years securing cloud-based software applications and infrastructure as well as the implementation of security controls to controlled cloud environments
- 5+ years of experience hardening Linux hosts and automating DISA STIG implementation
- Demonstrated experience securing Kubernetes platforms (secrets management, RBAC, etc.) and integrating security into CI/CD pipelines and containers; must understand microservices architecture and service mesh
- Demonstrated experience developing A&A packages to obtain and maintain ATO in secure environments
- Strong knowledge of compliance frameworks NIST SP 800-37, SP 800-53, CNSSI 1253 and applicable DOD
- Experience with tools such as Xacta or eMass, performing vulnerability compliance scans, and assessing STIG compliance
- Experience with scripting languages such as Bash and Python for automation
- Understanding of secure software development practices and code reviews
- Experience with encryption and transport, especially in the cloud
Preferred Qualifications
- Multiple IAT/IAM II or III advanced certifications (e.g. CISSP-ISSAP/ISSEP, CISM, CCSP, Security X/CASP+)
- Cloud certifications such as AWS Solutions Architect (Associate or Professional), AWS Security Specialty
- Kubernetes certifications such as KCNA, CKA, CKSP
- Prior Linux administration experience and certifications such as Linux+, Red Hat certifications (e.g. RHCSA, RHCE)
- Experience with ICD 503 and related compliance directives, policies, procedures
- Experience with security tool such as Splunk, Nessus, SonarQube, as well as DAST & SAST tools such as Prisma Cloud and SonarQube
- Experience applying Zero Trust framework to secure systems
- Prior network engineering experience
- Experience applying security controls to Generative AI implementations