- Design and Implement cloud security architecture using zero-trust principles.
- Automate security controls, data, and processes to provide better metrics and operational support using security-as-code.
- Configure network security including in a hybrid context with traditional network centric controls
- Design and Implement host-based security monitoring (E.g. AWS Inspector), network security tooling, or other infrastructure related security projects.
- Assess and support application migration efforts including but not limited to network connectivity architecture.
- Conduct Threat modeling to support business requirements.
- Define and implement IaC validation to prevent insecure configuration from being deployed.
- Configure access within the cloud environment using the defense-in-depth principle.
- Assess cloud systems and infrastructure to identify potential weaknesses or problems and upgrade software, VMs, containers to ensure optimal performance of cloud environment and security tools,
- Develop automated security compliance, remediate misconfigurations, vulnerabilities in the code/configurations.
- Lead cloud security issue remediation, troubleshooting and continuous improvement efforts including collaborating with stakeholders to improve overall application security posture.
- Support Cloud Security Maturity Assessment processes with automated security reviews.
- Implement and configure security controls and policies, manage access to data, and monitor threats to ensure that apps, containers, infrastructure, and networks are protected.
- Take ownership of new initiatives, work with internal security teams, ESS, engineering, and product functions to deliver actionable intelligence or solutions that will lower risk.
- Support our DevOps and infrastructure engineers to implement security best-practices and enable secure development and release processes.
- Impact Analysis: Understand the rationale behind and how changes impact the enterprise and/or applications and across the technical ecosystem.
- Solution Design: Ability to translate high level requirements to create and implement designs that meet the needs of the customer, are technically sound, maintainable and cost effective.
- Technical Domain: Have an understanding of the technical domain, including the application architecture, secure design and data of the application they support and systems to which it interfaces.
- Testing Techniques: Understand the range of testing techniques available well enough to select the most effective test procedures.
- Bachelor's degree in Computer Science, Information Systems, or closely related field of study or equivalent experience
- 6+ years of experience in the Information Security field
- 4 years of experience deploying services on public cloud infrastructure such as Amazon Web Services (AWS) or MS Azure
- Experience architecting solutions within Amazon Web Services (AWS) or MS Azure
- Experience performing design reviews to assess security implications and requirements for introduction of new technologies.
- Experience deploying and customizing security tools to address threats and lower risk: vulnerability scanners, static analyzers, web application firewalls, IDS/IPS, malware analysis, network traffic flow and packet analysis, cloud security posture management (CSPM), etc.
- Knowledge of networking and web protocols (TCP/IP, HTTP, TLS, REST), and the ability to analyze traffic to find anomalies.
- Understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.
- Must have hands-on experience with AWS and Linux in a production environment.
- Experience of Hybrid/Multi-cloud network design and configuration (example: AWS Direct Connect)
- Knowledge of Federated Identity, RBAC, authentication & authorization solutions, etc.
- Working knowledge of secure-cloud configuration, (e.g., CloudTrail, AWS Config), cloud-security technologies (e.g., VPC, Security Groups) and Cloud infrastructure entitlement management (CIEM).
- Familiarity with industry compliances such as SOX, GLBA, ISO 27002, or PCI-DSS
- Working knowledge of CIS, CSA and NIST best practices.
- Demonstrated ability to collaborate with other teams to achieve complex objectives.
- AWS Certified Solutions Architect – Associate or Professional certification
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
- Strong Experience on networking tasks, e.g., IP subnetting, Network Security Groups, routing, Firewall, Direct Connect, ExpressRoute, load balancer, proxy, DNS etc.
- Experience with service-oriented architecture for cloud-based services.
- Experience using CI/CD pipelines to perform automated security testing and change management.
- Expert in VMs, Container, Container Registry, Docker, Kubernetes security design and implementation etc.
- Deep understanding of Cloud-Native Application Protection Platform (CNAPP)
-
Staff Engineer
13 hours ago
Vital Tech Solutions Southfield, United StatesJob Description · Job DescriptionJob Title: Staff Engineer, Data Security and Governance · Location: Remote · We are looking for a highly motivated data security specialist to join our Engineering Security function reporting to the Director of Engineering Security and Compliance. ...
-
Principal Software Engineer
6 days ago
Vital Tech Solutions Southfield, United StatesJob Description · Job DescriptionJob Title: Principal Software Engineer · Location: Remote · Candidates for the Principal Software Engineer should have 10-15 years of experience in Technical Applications including Java and Webservices Development with hands-on experience leading ...
-
Endpoint Engineer
1 week ago
ThyssenKrupp Materials NA Southfield, MI, United StatesCompany · With around 480 locations in over 40 countries, thyssenkrupp Materials Services is the biggest materials distributor and service provider in the western world. The broad service spectrum offered by the materials experts enables customers to focus on their individual cor ...
-
DevOps Engineer
4 days ago
Base2 Solutions Riverdale, United StatesThe DevOps Engineer will apply practices that combine software development and IT operations to shorten development life cycle and provide continuous delivery of secure quality software. This role will work with collaborative teams in planning, analysis, design and construction o ...
-
System Administrator
5 days ago
Leidos Riverdale, United StatesDescription · Unleash your talents at Leidos Grow and advance rapidly in your career by letting Leidos challenge you with the country's toughest technical problems. · The Defense Group at Leidos currently has an opening for an Information Technologist; System Administrator (SysA ...
-
Senior Network Engineer
4 days ago
Koniag Government Services Riverdale, United StatesKDS · Job ID · Koniag Data Solutions, LLC, a Koniag Government Services company, is seeking a Senior Network Engineer to support KDS and our government customer in Riverdale, MD (hybrid performance). Must be a U. S. Citizen and possess ( or be able to obtain ) a Secret security ...
-
Network Architect
1 week ago
Leidos Riverdale, United StatesDescription · Leidos is seeking a Network Architect to join our Defense Enclave Services (DES) team at Ft. Meade, MD. · PROGRAM SUMMARY: · The DES program is a highly demanding mission and requires expert technical and professional management to support DISA's enterprise Informa ...
-
InterSources Riverdale, United StatesResponsibilities · Position Description: · Serve as the ServiceNow Technical Project Manager for multiple infrastructure projects. · Provide Project management leadership - effectively drive the project schedule, deliverables and manage project risks. · Facilitate effective com ...
-
Service Delivery Engineer
1 week ago
NATS Riverdale, United StatesNATS is the UK's leading air navigation service provider, handling over 2 million flights each year. It provides air traffic control services from two control centres supporting airports all around the UK, as well as a wide range of commercial solutions to over 30 countries inter ...
-
Senior Java Developer
1 week ago
Sky Solutions LLC Riverdale, United StatesJoin Sky Solutions, LLC - Pioneering Digital Transformation Excellence · Welcome to Sky Solutions, LLC, a dynamic Digital Transformation Firm nestled in the vibrant heart of the Washington D.C. Metro Area. We specialize in empowering leading organizations in the Financial Servic ...
-
Mid-Level Drupal Administrator
4 days ago
Centurion Consulting Group, LLC Riverdale, United StatesCenturion is hiring a Mid-Level Drupal Administrator to support one of our clients in the Woodlawn, MD area. All considered candidates must live within two hours of headquarters. · Key Required Skills: · Drupal Administration · Ansible Automation · Relational Databases (PostgreS ...
-
Sr. Angular UI Developer
4 days ago
The Custom Group of Companies Riverdale, United StatesResponsibilitiesStrong experience with Angular 8.0 & above, Node.JS, Java/JEE, Agile Development, TypeScript, Spring, REST Web Services, Spring Boot, Test Driven Development (TDD) · Architect, design, code, and implement next-generation web application using software engineering ...
-
Senior .Net Developer
4 days ago
Sky Solutions LLC Riverdale, United StatesJoin Sky Solutions, LLC - Pioneering Digital Transformation Excellence · Welcome to Sky Solutions, LLC, a dynamic Digital Transformation Firm nestled in the vibrant heart of the Washington D.C. Metro Area. We specialize in empowering leading organizations in the Financial Servic ...
-
Mechanical Engineer
1 week ago
Social Security Administration Riverdale, United StatesSummary Serves as SSA's Mechanical Engineer responsible for planning, developing and conducting complex comprehensive agency-wide facilities planning and engineering. Provides coordination of stakeholders, planning and design consultation on sophisticated requirements for facilit ...
-
Drupal Administrator
1 day ago
Sky Solutions LLC Riverdale, United StatesWelcome to Sky Solutions, LLC, a dynamic Digital Transformation Firm nestled in the vibrant heart of the Washington D.C. Metro Area. We specialize in empowering leading organizations in the Financial Services and Healthcare sectors, achieving remarkable business outcomes through ...
-
Electrical Engineer
1 week ago
Dragados Riverdale, United StatesRESPONSIBILITIES:Manage electrical & mechanical equipment vendors/subcontractors to facilitate timely fabrication and delivery of all electrical and mechanical subsystems for passenger stations and OMF facilities. · Manage installation of all Station & Facility systems. This inc ...
Senior Cloud Security Engineer - Southfield, United States - Vital Tech Solutions
Description
Job Description
Job DescriptionJob Title: Senior Cloud Security Engineer
Location: Remote
We are looking for a highly motivated Cloud Security Engineer to join our Engineering Security function reporting to the Director of Engineering Security and Compliance. We are seeking a passionate individual who is excited about protecting cutting-edge web applications built on public cloud such as AWS and Azure.
The ideal candidate should possess strong cloud security skills, hybrid/multi-cloud network concepts, a deep understanding of secure software development life cycle methodologies, and a keen eye for detail. As a Cloud Security Engineer, you will be an essential part of the Engineering Security team, focused on ensuring the security of of web applications and cloud infrastructure through the continual improvement of security tooling, automation, and engagement with internal stakeholders.
Outcomes and Activities:
The following items detail how you will be successful in this role.
Requirements:
Preferred:
Vital Tech Solutions is an Equal Opportunity Affirmative Action employer. We prohibit discrimination in decisions concerning recruitment, hiring, compensation, benefits promotions, training, termination or any other condition of employment or career development. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, veteran status, disability status or any other legally protected status.