Sr Cloud Security Engineer III - Federal
WHO WE ARE
Trek10 builds and manages massively scalable cloud architectures using cutting edge AWS technologies. Headquartered in South Bend, IN, we have a local footprint but operate with a global reach. Today we have customers on four continents and from coast to coast in the United States and a global brand for deep expertise. We are a Premier Tier AWS Consulting Partner with the following AWS Partner Competencies: DevOps, Migration, IoT, and SaaS. We have a focus on designing and building serverless / cloud native and IoT systems, DevOps automation, and providing 24/7 AWS infrastructure support. We are pioneering the future of cloud computing and having a lot of fun while we do it!
To better understand the type of cutting edge work we do for our clients, please take a look at some of our case studies.
SUMMARY/OBJECTIVE OF THE JOB:
The Senior Cloud Security Engineer III - Federal is a subject matter expert responsible for the secure operation and management of vulnerabilities and risk of federal client initiatives.
DUTIES AND RESPONSIBILITIES:
- Continually identify, develop, design and implement security tools, systems, and/or processes to ensure secure cloud infrastructure using infrastructure as code
- Understand, interpret, maintain, and provide both technical and compliance guidance that aligns with NIST and/or AWS CIS frameworks for AWS GovCloud Systems and any other necessary frameworks or standards in use by a federal client
- Assist DevOps teams with securing GitLab pipeline deployments
- Conduct security assessments on existing AWS cloud-based solutions to ensure NIST / framework compliance with DoD Missions
- Monitor security logs and perform regular security assessments to identify vulnerabilities and potential threats as well as suggest improvements to monitoring processes and systems
- Periodically monitor/audit implementations and ensure they are functioning properly
- Identify new threats/scenarios and suggest or create monitoring to bring visibility to anomalous activity
- Develop solutions using infrastructure as code for various logging and monitoring solutions
- Design vulnerability scans of cloud-based and mobile applications and infrastructure to identify weaknesses, coordinate with app teams to confirm validity of findings, and recommend and assist with mitigations as needed
- Improve application/infrastructure security by patching vulnerabilities, securing infrastructure, and conducting security reviews on incoming code
- Continually research security tools and best practices in order to adjust and improve security posture as the field progresses and best practices change
- Collaborate across multiple product teams to ensure secure practices
- Take leadership in incident response and remediation efforts in the case of security events
- Other duties as assigned
REQUIRED QUALIFICATIONS:
- 5+ years of general IT experience (programming, hardware, software, cloud, etc)
- 5+ years of engineering experience in AWS Gov Cloud environments
- 3+ years building solutions with AWS Security Hub, AWS GuardDuty, AWS Config, Amazon Inspector
- 2+ years of SOC / NOC experience
- 2+ years of programming experience utilizing Python, Node.js, TypeScript, GoLang, Java, C#, or other similar languages
- Must be a U.S. Citizen
- Must be able to obtain a security clearance (Class or Unclass)
- DoD 8570 certification level: IAT II
PREFERRED QUALIFICATIONS:
- Bachelor's degree or greater in Information Technology, Computer Science, Cybersecurity, or a related field
- 2+ years of experience working in government contracting
- 1+ year of experience working with USAF CloudOne and/or Platform One
- Have an AWS Professional level certification
- Have a higher level security specific certification such as AWS Security Specialty, CCSP, CEH, CISM, etc
- DoD 8570 certification level: IAT III (DoD 8570)
- Experience building scalable, automated infrastructure
- Experience working with various AWS security services such as AWS Security Hub, Config, CloudTrail, etc.
- Experience working with 3rd party security tools and ability to detail why they are useful for the org
- Experience in communicating technical architecture and engineering solutions between various teams and audiences
- Experience working in a consultative, client-facing consulting role
- Familiarity with the concept of Agile Project Management or other project management work methodologies
- Strong understanding of networking / web protocols
- Strong understanding of containerization concepts and services/tools such as Docker, ECS, EKS, Fargate, etc.
- Familiarity with risk management frameworks such as NIST 800-53 Rev 4 or 5 and/or FedRAMP as well as general understanding of the RMF/ATO process
- Strong understanding of cloud, infrastructure, and application components with regards to continuous monitoring
COMPETENCIES:
- Communication: The ability to effectively convey information, ideas, and instructions to individuals or groups, both verbally and in writing.
- Time Management: The ability to effectively plan and organize one's own time in order to meet deadlines, prioritize tasks, and make the most efficient use of time.
- Self Management: The ability to manage one's own emotions, thoughts, and behavior in different situations.
- Building Work Relationships: The ability to establish and maintain positive and productive relationships with colleagues, clients, and other stakeholders.
- Problem Analysis: The ability to identify, understand, and analyze problems in order to find solutions.
- Persuasiveness: The ability to effectively present and argue one's own ideas and opinions, as well as influence others to adopt a certain viewpoint or take a specific action.
- Technical expertise: The ability to understand, apply, and stay current with the knowledge, concepts, and practices in a specific field or industry.
- Leadership: The ability to guide and inspire a team to achieve a common goal.
- Planning: The ability to set goals, develop action plans, and effectively allocate resources in order to achieve desired outcomes.
BENEFITS:
- We are a remote-first company with a lot of flexibility!
- Medical, dental and company paid vision and telemedicine; insurance that starts on day one of your employment!
- 401k plan with a healthy company match.
- Vacation and unlimited sick time.
- Company paid short-term disability and long-term disability.
- 9 company paid holidays.
- Monthly Employee Care stipend to spend on YOU!
- Annual home office set up and equipment allowance.
- Have fun! We get together at various locations across the US for team retreats!
- Robust training and continuous learning environment with lots of team support!
- Develop a skill set that will set you up for long term professional growth and development!
- Get paid (of course)! We have competitive salaries!
We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.
Trek10 participates in E-Verify. All persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire. We are unable to sponsor or take over sponsorship of an employment Visa at this time.