Mid-Level Cloud Security Engineer (Wiz Security Platform) - Secret Cleared, On-Site

Employment Type: Full Time Salary Exempt

Schedule: 8-hour workday; Monday-Friday, Core working hours 9AM-3PM Eastern Time

Location: Onsite Washington D.C. (20006)

Employment Status: Must be a US Citizen

Education: BA/BS or higher preferred

Security Clearance: Active DoD Secret or higher

Language Requirement: Must be very fluent in written and spoken English

Industry: Federal Government Contracting

Trewon is seeking a highly skilled Mid-Level Cloud Security Engineer with hands-on experience using the Wiz Cloud Security Platform. This engineer will be responsible for onboarding systems into Wiz, managing cloud security posture, developing automated workflows, and supporting security operations across multi-cloud environments.

The ideal candidate has strong technical expertise, outstanding communication skills, and the ability to work collaboratively with cybersecurity, cloud engineering, and ISSO/ISSM teams.

Key Responsibilities

Wiz Platform Management

• Onboard new cloud resources and applications into the Wiz platform.
• Manage, configure, and optimize Wiz Cloud, Wiz Defend, and Wiz Code modules.
• Maintain connectors, API integrations, and service accounts for multi-cloud environments (AWS, Azure, GCP).
• Interpret and triage Wiz findings, misconfigurations, toxic combinations, and vulnerability exposures.
• Develop and maintain security policies, rules, and automation playbooks within Wiz.
  
  

Cloud Security Engineering

• Implement and maintain cloud security controls aligned with NIST 800-53, RMF, and DoD/DoS requirements.
• Support vulnerability management, continuous monitoring, and threat remediation activities.
• Conduct architecture reviews, risk assessments, and secure configuration evaluations.
• Collaborate with DevOps teams on secure SDLC, CI/CD hardening, and IaC (Terraform/CloudFormation) security.
  
  

Integrations & Automation

• Configure and maintain Wiz integrations with tools such as ServiceNow, Splunk, MS Teams, Okta, GitLab, Qualys, Tenable and other integrations as required.
• Support SSO configuration with Okta as Identity Provider.
• Develop custom API-based workflows and webhook automations for real-time alerting and reporting.
  
  

Documentation & Communication

• Produce clear written documentation, including SOPs, onboarding guides, and security reports.
• Communicate complex technical issues to non-technical stakeholders.
• Coordinate with ISSO/ISSM teams and support ATO/continuous monitoring documentation requirements.
  
  

Required Qualifications

• U.S. Citizen with active Secret (or higher) security clearance.
• 2-3 years of experience in cloud security, security engineering, or DevSecOps.
• Experience with RMF, NIST 800-53, and federal security compliance frameworks.
• Strong knowledge of AWS/Azure/GCP cloud architectures and security controls.
• Experience with API integrations, service accounts, and cloud-native security tools.
• Proficiency in IaC, scripting (Python/PowerShell), and CI/CD pipelines.
• Excellent oral and written English communication skills.
  
  

Preferred Qualifications

• Hands-on experience with the Wiz platform (Cloud, Defend, Code modules).
• Wiz Certification (Wiz Certified Cloud Security Practitioner or equivalent).
• Security-related certifications such as Sec , CCSP, AWS/Azure Security, CISSP (nice to have).
• Experience with SIEM/SOAR platforms (Splunk, Sentinel), vulnerability scanners (Qualys, Tenable).
  
  

Work Environment: On-site, Monday-Friday, Washington D.C.

Collaboration with Cloud Engineering, ISSO, and Cybersecurity Operations teams.

Opportunity to work on advanced cloud security programs within a federal environment.