AWS Security Engineer SME

* Implementation and hardening of cloud environments by clearly establishing the tenant boundary and implementing a defense-in-depth approach.

* Lead AWS team; provide guidance and/or mentor team members as appropriate.

* Provide expertise on AWS and other related solutions; conduct research, develop write-ups, perform cost benefit analyses and provide recommendations on as needed basis.

* Assume role of Senior Advisor to client; develop ad hoc presentations/slides and create documents using MS Office products and present to client leadership as requested!

* Must be available outside of regular office hours to support troubleshooting and response to system issues as needed on 24/7/365 basis

* Architect, engineer, and maintain complex cloud environments.

* Implementation of the principle of least privilege for tenants and their subscriptions.

* Configure, collect, analyze AWS logs from different sources such as; platform logs, performance data from virtual machines, and application logs.

* Create queries, alerts, reports and dashboards.

* Evaluate, architect, deploy and maintain AWS infrastructure resources including network, VM, storage accounts, and all networking configurations.

* Ensure best practices of security requirements are deployed for an information system.

* Analyze scan results, and document findings for compliance.

* Develop assessment programs.

* Assist with cyber incidents as necessary.

* Assist with forensics and analysis when appropriate.

* Comment on new ODNI/NIST standards / regulations as applies to client environment.

* Employ best practices when implementing security requirements and working on or in a system.

* Participate in security exercises and working groups as applicable.

* Maintain current knowledge of relevant technology as assigned.

* Participates in special projects as required.

* Experience working in an agile environment and managing tasks in Jira

* Certifications in information security (such as GCIA, GCIH, CEH, CISSP, SSCP, Sec+, AWS Security, etc.).

* Experience in a cyber security operational environment.

* Current Security clearance.

* Knowledge and experience using an incident response framework.

* Programming or scripting experience.

* Server and/or application administration experience.

* Knowledge of Federal contract vehicles.

Experience with government contracting firms supporting the Federal government.

* Twelve (12) or more years of work experience with at least one of those specialized in cyber security.

* 6+ years of experience with AWS as a whole, experience scripting done on AWS

* Must have experience doing an on prim to cloud transition

* Bachelor's Degree (additional years of experience in cyber security reduce this educational requirement).

* A minimum of five (5) years technical experience effectively providing network and/or systems administration, information assurance security, testing and evaluation.

* Must have scripting knowledge with PowerShell, Python, Bash, or similar.

* Experience with CI/CD containers and how to secure them.

Understand the risks Government Agencies face and how to use the AWS to design "Zero Trust - Identity and Data Centric" solutions that will mitigate these risks and ensure compliance.

* High technical ability/aptitude, demonstrated through prior technical experience and accomplishment Experience in applying security to cloud technologies (Managing secrets, Securing CD pipeline, Secure Infrastructure as Code, Container Security, DevSecOps and CI/CD Implementation.).

* Good written and verbal communication skills.

Ability to pass a security clearance background investigation.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.