AWS Cloud Security Engineer

$145,600 - $176,800/Yr

Innova Solutions USA - Manassas, VA

posted 4 months ago

Full-time - Mid Level
Manassas, VA
10,001+ employees
Professional, Scientific, and Technical Services

About the position

Innova Solutions is seeking a skilled Cloud Security Engineer to join our team in Manassas, VA. This full-time contract position is expected to last until December 2024, with the possibility of extension. The ideal candidate will possess extensive experience in cloud security, particularly with Public Key Infrastructure (PKI), AWS, Terraform, and Key Management Services (KMS). The primary focus of this role will be to design, implement, and maintain robust security solutions that protect our cloud infrastructure and applications from potential threats. The Cloud Security Engineer will be responsible for developing and enforcing cloud security policies, standards, and best practices. This includes designing and implementing security measures for AWS environments, such as configuring Virtual Private Clouds (VPCs), Identity and Access Management (IAM) policies, and security groups. The role also requires utilizing Terraform to automate and manage secure cloud infrastructure deployments. In addition to cloud security design, the engineer will implement and manage PKI systems to ensure secure communication and authentication. This involves configuring and maintaining certificate authorities, managing digital certificates, and overseeing the certificate lifecycle management process. Compliance with industry standards and regulatory requirements is crucial in this aspect of the role. The engineer will also manage AWS KMS to safeguard encryption keys used in data protection, developing and implementing key management policies and procedures while monitoring and responding to key-related security incidents. Furthermore, the role includes developing custom security solutions and tools to address specific cloud security challenges, integrating security practices into the CI/CD pipeline, and automating security operations and incident response through scripting and coding. Conducting security assessments and vulnerability scans to identify potential risks is another key responsibility. The engineer will collaborate with other teams to address and resolve security issues, ensuring that cloud security practices comply with relevant regulations and industry standards such as GDPR and HIPAA. The role also involves preparing and presenting security reports and documentation to stakeholders, conducting audits, and maintaining incident response plans and procedures to effectively respond to security incidents and breaches.

Responsibilities

  • Develop and enforce cloud security policies, standards, and best practices.
  • Design and implement security measures for AWS environments, including VPC configurations, IAM policies, and security groups.
  • Utilize Terraform to automate and manage cloud infrastructure deployments securely.
  • Implement and manage PKI systems for secure communication and authentication.
  • Configure and maintain certificate authorities, digital certificates, and certificate lifecycle management.
  • Ensure PKI practices comply with industry standards and regulatory requirements.
  • Manage AWS KMS to safeguard encryption keys used in data protection.
  • Develop and implement key management policies and procedures.
  • Monitor and respond to key-related security incidents.
  • Develop custom security solutions and tools to address specific cloud security challenges.
  • Integrate security practices into the CI/CD pipeline to ensure secure application development.
  • Automate security operations and incident response using scripting and coding.
  • Conduct security assessments and vulnerability scans to identify potential risks.
  • Develop and implement strategies to mitigate security threats and vulnerabilities.
  • Collaborate with other teams to address and resolve security issues.
  • Ensure cloud security practices comply with relevant regulations and industry standards (e.g., GDPR, HIPAA).
  • Prepare and present security reports and documentation to stakeholders.
  • Conduct audits and assessments to ensure adherence to security policies.
  • Respond to and investigate security incidents and breaches.
  • Develop and maintain incident response plans and procedures.
  • Coordinate with other teams to contain, analyze, and remediate security incidents.

Requirements

  • Proven experience with AWS cloud services, including EC2, S3, RDS, and IAM.
  • Hands-on experience with Terraform for infrastructure as code (IaC).
  • Expertise in PKI, including certificate issuance, management, and security practices.
  • Experience with AWS KMS or similar key management solutions.
  • Strong development skills with experience in scripting languages (e.g., Python, Bash) and secure coding practices.
  • Deep understanding of cloud security architecture and best practices.
  • Strong knowledge of network security, encryption, and secure communication protocols.
  • Ability to analyze and resolve complex security issues.
  • Excellent communication and collaboration skills.

Nice-to-haves

  • Experience with additional cloud service providers (e.g., Azure, Google Cloud).
  • Familiarity with compliance frameworks such as NIST, ISO 27001, or PCI DSS.
  • Knowledge of security automation tools and practices.

Benefits

  • Medical & pharmacy coverage
  • Dental/vision insurance
  • 401(k)
  • Health saving account (HSA)
  • Flexible spending account (FSA)
  • Life Insurance
  • Pet Insurance
  • Short term and Long term Disability
  • Accident & Critical illness coverage
  • Pre-paid legal & ID theft protection
  • Sick time
  • Employee Assistance Program (EAP)

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service