Sr AWS Cloud Security Engineer
Location - Reston VA
FTE no H1B
JOB INFORMATION
Design and implement systems and procedures to sustain the security, integrity, and availability of the organization's data. Assess risk of exposure of proprietary data through weaknesses in platforms, access procedures, and forms of access to the organization's systems and the data contained in them. Track security violations and identify trends or exposures that could be addressed by additional training, technical measures, or use of application tools to enhance security. May participate in simulated attacks or security violations to assess the organization's data security measures.
KEY JOB FUNCTIONS 

• Strong understanding of fundamental Application and Infrastructure Security concepts, including common types of attacks and exploitation techniques.
• Solid Experience with various application security tools (Example—ZAP, BURP, Tenable,Check Mark, Semmel, fortify, Sonatype, Kali, WebInspect/AppScan, dependency check).
• Solid understanding of common web and systems application vulnerabilities.Experience integrating security tools into the DevOps environment (such as Zap or Burp)
• Familiarity with key security concepts/frameworks such as OWASP, CVE, and CVSS.
• Proficient in automation and deploying CI and CD tools and services (Jenkins Pipeline as Code, Git, Maven). 
• Experience with Python, bash, Linux shell or similar
• Experience integrating with native AWS services (CodePipeline, CodeCommit, CodeBuild, CodeDeploy, EC2, EKS, ECR, S3)
• Hands on experience building solutions with tools and services like AWS CloudFormation, Terraform, or custom build orchestration tools leveraging SDKs or directly interacting with APIs
• Experience working one or more of the following languages: Java, Python, or Node.js
• Knowledge of networking, IAM, API and security assessment tools/methodologies.
• Familiar with container and orchestration.
• Familiar with IAM protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth. 
• Understanding of the cyber threat landscape and methodologies to protect technology assets.
• AWS Certified Developer Associate or AWS Certified Solutions Architect Associate preferred.
• Excellent verbal and written communication skills

Qualifications:
EDUCATION
Education Level Required (if any)
· Bachelor Degree or Equivalent
Area of Study Preferred(if any)
· Computer Science or IT/IS
MINIMUM EXPERIENCE
· 4-6 years of related experience
SPECIALIZED KNOWLEDGE & SKILLS

• Strong Python, bash, Linux shell or similar
• Experience integrating with native AWS services (CodePipeline, CodeCommit, CodeBuild, CodeDeploy, EC2, EKS, ECR, S3)
• Experience integrating security tools into the DevOps environment (such as Zap or Burp)
• Proficient in automation and deploying CI and CD tools and services (Jenkins Pipeline as Code, Git, Maven).
• Hands on experience building solutions with tools and services like AWS CloudFormation, Terraform, or custom build orchestration tools leveraging SDKs or directly interacting with APIs
• Experience working one or more of the following languages: Java, Python, or Node.js
• Knowledge of networking, IAM, API and security assessment tools/methodologies.
• Familiar with container and orchestration.
• Familiar with IAM protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth.
• Understanding of the cyber threat landscape and methodologies to protect technology assets.
• AWS Certified Developer Associate or AWS Certified Solutions Architect Associate preferred.
• Excellent verbal and written communication skills

EMPLOYMENT
As a condition of employment with Fannie Mae, any successful job applicant will be required to successfully complete a background investigation.
 
Describe how this position fits in your organization.
This role is aligned to digital transformation, steel thread and cloud transformation to help us think big, get small and automate. This critical role was approved through Infosec priority pool. This role will support the organization move “Security to the left” with DevSecOps/CICD effort by ensuring we perform continuous security gates and controls in an automated fashion. This role will help in empowering developers fix issues in development phase, provide continuous remediation support to developers and deploy secure code to production. This role will also assist the organization in identifying critical vulnerabilities, developing / testing exploit POCs to find the exposure and the risk to the organization.
What are the 3-4 non-negotiable requirements on this position?
o Strong Python, bash, Linux shell or similar o Experience integrating with native AWS services (CodePipeline, CodeCommit, CodeBuild, CodeDeploy, EC2, EKS, ECR, S3) o Proficient in automation and deploying CI and CD tools and services (Jenkins Pipeline as Code, Git, Maven).
What are the nice-to-have skills?
Knowledge of networking, IAM, API and security assessment tools/methodologies. o Familiar with container and orchestration. o Familiar with IAM protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth. o Understanding of the cyber threat landscape and methodologies to protect technology assets. o AWS Certified Developer Associate or AWS Certified Solutions Architect Associate preferred.
What is exciting about this opportunity? Please use this section to describe team and company culture.
DevSecOps team - new build-out in InfoSec