AWS Security Engineer Posting

Position Description

Title: AWS Security Engineer - Cloud Operations Team
Location: Hybrid – Remote with the ability to support customer site visits in Adelphi, Maryland

Clearance: Secret (or ability to obtain)
FLSA Status: Exempt
 

Position Overview

The AWS Security Engineer supports the Cloud Operations Team for a Department of Defense (DoD) program. This role is responsible for ensuring secure, compliant, and efficient operation of AWS cloud environments that host mission-critical systems and services.

This hybrid position is primarily remote but may require periodic on-site support in Adelphi, Maryland, for meetings, reviews, or operational coordination. The AWS Security Engineer is responsible for maintaining compliance, implementing secure configurations, updating system documentation, and ensuring operational readiness across AWS-based services.

The position requires strong communication skills, technical discipline, and consistent accountability. The AWS Security Engineer plays a key role in maintaining compliance with federal cloud security requirements and supporting the overall performance, reliability, and integrity of SASSI’s Cloud Operations mission.

Key Responsibilities

• Monitor, manage, and update assigned AWS tickets and tasks within the tracking system, ensuring all progress, blockers, and resolutions are documented.
• Maintain accurate daily and weekly updates to assigned tickets; provide summary reports to the Supervisor and Vice President of Operations.

• Write and maintain Standard Operating Procedures (SOPs) for onboarding and log collection workflows

• Respond promptly to customer or subscriber inquiries within one hour and internal messages within fifteen minutes during core hours (0900–1600 EST).
• Identify and escalate any blockers or configuration issues within one business day to ensure uninterrupted task progression.
• Support implementation and enforcement of security controls, STIG compliance, and continuous monitoring requirements for AWS cloud environments.
• Assist in configuration management, patching, auditing, and documentation of AWS infrastructure resources (e.g., EC2, S3, IAM, VPC, CloudTrail).
• Participate in internal and customer meetings to provide system status updates, technical input, and progress reports.
• Adhere to all company policies, including timekeeping, attendance, and reporting requirements. Submit leave requests in Unanet for any period not actively worked, and notify both the SASSI Supervisor and Program Team Lead of absences or changes in availability.
• Maintain professional communication and collaboration with colleagues, leadership, and customer stakeholders at all times.

Professional Conduct and Performance Expectations

• Maintain consistent attendance, accountability, and active engagement during all work hours.
• Provide accurate and timely updates to assigned tickets, deliverables, and communications.
• Communicate promptly with leadership when issues arise and proactively seek clarification on unclear tasking.
• Represent SASSI professionally at all times when interacting with the Prime, government customers, and other stakeholders.

Qualifications

Required:

• U.S. Citizenship and active DoD Secret clearance (or ability to obtain)
• Bachelor’s degree in information technology, Computer Science, Cybersecurity, or a related discipline; or equivalent combination of education and experience.
• Security certification
• AWS Solutions Architect Associate certification
• Cloud certification or ability to obtain within 6 months of hire
• 2–3 years of AWS cloud operations, cloud security, or systems administration experience in a DoD or federal contracting environment.
• Hands-on experience with AWS management tools such as CloudWatch, CloudTrail, IAM, and GuardDuty.
• ELK stack familiarity: Filebeat, Logstash, Elasticsearch, Kibana for centralized log ingestion and monitoring.
• Ability to write and maintain SOPs for onboarding and log collection workflows.
• Experience with the Atlassian suite, including Jira and Confluence.
• Experience using git for version control.
• Working knowledge of cybersecurity frameworks (RMF, NIST 800-53, FedRAMP) and compliance processes.
• Excellent communication, analytical, and problem-solving skills.
• Strong organizational ability and attention to detail, with demonstrated accountability for meeting deadlines.

Preferred:

• Kafka experience: managing topics, consumer groups, and operating the Logstash Kafka input.
• Hands-on with Beats/Filebeat, Logstash, Kafka, Elasticsearch, and Kibana. Able to design, maintain, and troubleshoot end to end pipelines.
• Experienced with S3-based centralized log storage and CloudWatch log delivery via SQS or subscription filters to support auditing, monitoring, and SIEM pipeline integration across AWS customer accounts
• AWS Professional or Specialty certification (e.g., AWS Certified Security – Specialty, AWS Certified SysOps Administrator).
• Experience supporting Department of Defense or Intelligence Community cloud environments, including IL6/IL6 logging use cases.
• Familiarity with Infrastructure as Code (IaC) tools (Terraform, CloudFormation) and Configuration as Code (CaC) tools (Ansible).
• Understanding of containerized environments and security (Docker, Kubernetes, etc.).
• Experience implementing STIGs, performing security scans, or developing hardening baselines in a cloud environment.
• Knowledge of secure network configuration principles (DNS, routing, firewalls, subnets, and access control).
• Familiarity with CI/CD tools (Git, Jenkins, Artifactory) and cloud automation pipelines.