Paragone is seeking a Cloud Security Engineer (Mid-level) to join our team on a contract supporting a Department of Defense client. The Cloud Security Engineer will need to have a technical understanding of Cybersecurity practices in securing Amazon Web Services (AWS) environments and implementing security tools in the cloud. This is a full time, remote position.

They will work as an integral part of a highly productive team of seasoned technical professionals and will work in close collaboration with software developers, engineers, and stakeholders. They will also be responsible for supporting development of engineering artifacts that captures system security requirements, application security design and architecture.

Responsibilities include:

• Secure our cloud applications in AWS
  • Assess entire system lifecycle requirements and security impacts
  • Enhance – Implement Cybersecurity vulnerability and hardening testing
  • Optimize – Cybersecurity development environment certification
  • Integrate & Test Security – test patches and settings, document A&A artifacts
  • Validate & Verify security – validate patch status and software control status
  • Implement security – support incident handling and remediation activities
  • Maintain security posture – audit security settings, track security training, monitor threats, track reaccreditation
  • Enable assurance for information security during all phases of agile software development and deployment
  • Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth
  • Identify, assess, and recommend zero-day cyber threat remediation
  • Support creation of, and ensure approval for, Department of Defense (DOD) Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects
  • Apply information security in accordance with NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171, DHS 4300A
  • Document RMF Security Implementation Plan artifacts. Coordinate and assist development team with application artifact documentation
  • Create and manage Plan of Action & Milestones (POA&M)
  • Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects
  • Maintain accountability to endure integrity and confidentiality of the process
  • Review and make recommendations on program-level documentation (e.g., requirements specification, system architecture, design documents, test plans, security plans, etc.)
  • Develop and document security evaluation test plan and procedures
  • Assist in researching, evaluating, and developing relevant Information Security policies and guidance
  • Actively participate in technical exchange meetings and application review boards, documenting actions items/results of these events
  • Conduct hands-on security testing, analyze test results, document risk, and recommend countermeasures - Coordinate with other program elements conducting security testing
  • Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing
  • Identify mitigating countermeasures to identified threats, vulnerabilities, and shortfalls.
  • Security Information and Event Management (SIEM) experience
  • Integrate vendor solutions 
  • Architect and engineer enterprise cloud security solutions within AWS
  • Understanding of DOD Secure Cloud Computing Architecture (SCCA)

Required Qualifications:

• Active DoD Security Clearance
• BA/BS at least 8 years of experience
• 2 years of experience in designing, executing and supporting AWS security architectures 
• AWS certification
• Some hands-on experience securing and providing risk mitigations for systems and applications in the AWS cloud environment
• Experience working with infrastructure and application development leadership to articulate security and/or compliance strategies and plans
• Demonstrated expertise in SDLC, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security
• Security Tool experience (e.g. Splunk, FoundStone, Nessus/Tenable, DBProtect, AppDetective, Tivoli/BigFix, Sharepoint, Guardium, WebInspect)
• Ability to work independently and as part of a team
• Able to communicate clearly and professionally with senior customers to field and troubleshooting questions and issues
• Demonstrated experience coordinating and performing cyber assessments, analyzing and documenting test results, and documenting risk

Preferred Qualifications:

• Previous DoD experience
• Oracle Certification
• At least one of the following certifications is highly desired:
  • Certified Authorization Professional (CAP)
  • ISC Certified Cloud Security Professional (CCSP)
  • Certified Information Systems Security Professional (CISSP)
  • ISACA Certified Information Security Manager (CISM)
  • Relevant hands-on technical certification (e.g., Microsoft MCSE)