Individuals will provide professional and technical cybersecurity design, implementation and operational services to assist our client’s customers to deploy solutions using cloud computing services. Individuals will be responsible for security-aspects of system design, security tool/service analysis and selection, and subsequent implementation. Individuals will configure tools to meet the business, policy and security risk tolerance of customer. Individuals will work with security analyst to document how required security controls are met through tools and associated implementation. Individuals will operate tools until transitioned to operations.
Determining customer business requirements and applicable regulations, security policy and standards that provide foundation for design.
Engineering and designing solutions on clouds such as AWS, Google, MS Azure and ServiceNow that manage risk and meet relevant security regulations, controls and policy.
Determine how to leverage services from cloud providers and identify gaps that must be met through other tools, software, or 3rd party services.
Implement tools/services ranging from OS hardening, ACL/NACL flow control, web application firewalls, SIEM (e.g, Splunk), intrusion detection, and vulnerability management.
Implement the design installing, configuring and testing cloud services and associated 3rd party services and software.
Participate in assessment of system security controls to validate control implementation and identify weaknesses.
Use tools such as discovery, vulnerability assessment and policy audit tools to evaluate systems for vulnerabilities. Review results and implement fixes or risk mitigation.
Identifying new and innovative ways to use existing tool sets to automate security management, monitoring and related processes to reduce risk and costs.
BS in computer science, information systems, cybersecurity, or related IT or security field
5 years of professional experience in IT/network engineering, security engineering, system administration or security operations.
Active DOD/DSS SECRET security clearance or higher
At least one of the following certifications: CISSP, CCSK, GIAC, CEH
Strong analytical skills with solid verbal and written communication skills
Shows initiative, presents ideas to overcome challenges, self-starter
Desired Skills, Experience and Certifications
Experience with one or more of: AWS, Google Cloud, Microsoft Azure or ServiceNow
Experience deploying and operating tools such as: Tenable Nessus, Splunk, OSSEC, AWS services, Barracuda NextGen firewalls.
Master’s degree in information systems, cybersecurity or related fields
Experience with FISMA, FedRAMP, and NIST SP 800-53