Search By
359 Jobs
Cloud Security Engineer Paragone Solutions, Inc. McLean, VA | Full Time | Remote
21 Days Ago
Cloud Security Engineer Match Group New York, NY | Other
1 Month Ago
Cloud Security Engineer (MCAS) SkyePoint Decisions Springfield, VA | Other
2 Months Ago
Cloud Security Engineer Acuity INC Washington, DC | Other | Remote
Just Posted
Cloud Security Engineer Delaware Nation Industries Tampa, FL | Other
Just Posted
Cloud Security Engineer Falconwood, Inc. Stafford, VA | Full Time
Just Posted
Cloud Security Engineer Applied Insight Remote, VA | Full Time | Remote
Just Posted
Senior Cloud Security Engineer Reddit Atlanta, GA | Full Time
1 Day Ago
Cloud Security Engineer Materialize New York City, NY | Full Time | Remote
1 Day Ago
Senior Cloud Security Engineer Reddit Austin, TX | Full Time
1 Day Ago
Senior Cloud Security Engineer Backbase Amsterdam, NH | Full Time
7 Days Ago
Senior Cloud Security Engineer Fivetran Denver, CO | Full Time
14 Days Ago
Cloud Security Engineer SharkNinja Needham, MA | Full Time
14 Days Ago
Senior Cloud Security Engineer Fivetran Oakland, CA | Full Time | Remote
15 Days Ago
Cloud Security Engineer Appian Corporation McLean, VA | Full Time
16 Days Ago
Cloud Security Engineer Sparibis Tampa, FL | Full Time | Remote
18 Days Ago
Senior Cloud Security Engineer E-xact Transactions Canada Ltd Scottsdale, AZ | Full Time
19 Days Ago
Cloud Security Engineer Tango Card San Francisco, CA | Full Time
22 Days Ago
Cloud Security Engineer Tango Card Charlotte, NC | Full Time
22 Days Ago
Cloud Security Engineer Tactibit Technologies LLC Suitland, MD | Full Time | Remote
1 Month Ago
Cloud Security Engineer Airtable San Francisco, CA | Full Time | Remote
2 Months Ago
Cloud Security Engineer Syrinx Chelmsford, MA | Full Time
2 Months Ago
Cloud Security Engineer Hudl Lincoln, NE | Full Time
2 Months Ago
Cloud Security Engineer Hudl Omaha, NE | Full Time
2 Months Ago
Cloud Security Engineer (India) Mode Chennai, TN | Full Time
2 Months Ago
More Search Results

Cloud Security Engineer

McLean, VA | Full Time | Remote
21 Days Ago

Job Description

Paragone is seeking a Cloud Security Engineer (Mid-level) to join our team on a contract supporting a Department of Defense client. The Cloud Security Engineer will need to have a technical understanding of Cybersecurity practices in securing Amazon Web Services (AWS) environments and implementing security tools in the cloud. This is a full time, remote position.

They will work as an integral part of a highly productive team of seasoned technical professionals and will work in close collaboration with software developers, engineers, and stakeholders. They will also be responsible for supporting development of engineering artifacts that captures system security requirements, application security design and architecture.

Responsibilities include:

  • Secure our cloud applications in AWS
    • Assess entire system lifecycle requirements and security impacts
    • Enhance – Implement Cybersecurity vulnerability and hardening testing
    • Optimize – Cybersecurity development environment certification
    • Integrate & Test Security – test patches and settings, document A&A artifacts
    • Validate & Verify security – validate patch status and software control status
    • Implement security – support incident handling and remediation activities
    • Maintain security posture – audit security settings, track security training, monitor threats, track reaccreditation
    • Enable assurance for information security during all phases of agile software development and deployment
    • Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth
    • Identify, assess, and recommend zero-day cyber threat remediation
    • Support creation of, and ensure approval for, Department of Defense (DOD) Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects
    • Apply information security in accordance with NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171, DHS 4300A
    • Document RMF Security Implementation Plan artifacts. Coordinate and assist development team with application artifact documentation
    • Create and manage Plan of Action & Milestones (POA&M)
    • Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects
    • Maintain accountability to endure integrity and confidentiality of the process
    • Review and make recommendations on program-level documentation (e.g., requirements specification, system architecture, design documents, test plans, security plans, etc.)
    • Develop and document security evaluation test plan and procedures
    • Assist in researching, evaluating, and developing relevant Information Security policies and guidance
    • Actively participate in technical exchange meetings and application review boards, documenting actions items/results of these events
    • Conduct hands-on security testing, analyze test results, document risk, and recommend countermeasures - Coordinate with other program elements conducting security testing
    • Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing
    • Identify mitigating countermeasures to identified threats, vulnerabilities, and shortfalls.
    • Security Information and Event Management (SIEM) experience
    • Integrate vendor solutions 
    • Architect and engineer enterprise cloud security solutions within AWS
    • Understanding of DOD Secure Cloud Computing Architecture (SCCA)

Required Qualifications:

  • Active DoD Security Clearance
  • BA/BS at least 8 years of experience
  • 2 years of experience in designing, executing and supporting AWS security architectures 
  • AWS certification
  • Some hands-on experience securing and providing risk mitigations for systems and applications in the AWS cloud environment
  • Experience working with infrastructure and application development leadership to articulate security and/or compliance strategies and plans
  • Demonstrated expertise in SDLC, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security
  • Security Tool experience (e.g. Splunk, FoundStone, Nessus/Tenable, DBProtect, AppDetective, Tivoli/BigFix, Sharepoint, Guardium, WebInspect)
  • Ability to work independently and as part of a team
  • Able to communicate clearly and professionally with senior customers to field and troubleshooting questions and issues
  • Demonstrated experience coordinating and performing cyber assessments, analyzing and documenting test results, and documenting risk


Preferred Qualifications:

  • Previous DoD experience
  • Oracle Certification
  • At least one of the following certifications is highly desired:
    • Certified Authorization Professional (CAP)
    • ISC Certified Cloud Security Professional (CCSP)
    • Certified Information Systems Security Professional (CISSP)
    • ISACA Certified Information Security Manager (CISM)
    • Relevant hands-on technical certification (e.g., Microsoft MCSE)