General Cloud Security Engineer

$75,600 - $172,000/Yr

Booz Allen Hamilton - Hampton, VA

posted 21 days ago

Part-time,Full-time - Mid Level
Hampton, VA
Professional, Scientific, and Technical Services

About the position

As a General Cloud Security Engineer at Booz Allen Hamilton, you will play a crucial role in safeguarding national security by leading the technical implementation of security solutions in cloud environments. This position focuses on designing and implementing robust security architectures, emphasizing automated security controls and compliance with Department of Defense (DoD) requirements. You will work closely with the Air Force mission, developing secure architecture patterns and building advanced security monitoring and response capabilities.

Responsibilities

  • Design and implement secure cloud architecture patterns using AWS native security services, including GuardDuty, Security Hub, WAF, and Shield.
  • Develop automated security deployment pipelines using tools like CloudFormation, Terraform, and AWS CDK.
  • Implement comprehensive logging and monitoring solutions using CloudWatch, CloudTrail, and third-party SIEM platforms.
  • Create automated security scanning and remediation workflows using Python, Bash, and PowerShell.
  • Design and implement network segmentation using AWS Transit Gateway, Security Groups, and NACLs.
  • Deploy and manage PKI infrastructure and secrets management solutions, including AWS KMS and Secrets Manager.
  • Implement container security solutions for ECS and EKS environments using tools, including Aqua, and Twistlock.
  • Develop automated compliance validation tools using AWS Config, Security Hub, and custom Lambda functions.

Requirements

  • 5+ years of experience with AWS security services and architecture patterns
  • Experience with programming in Python, Bash, and PowerShell for security automation
  • Experience with infrastructure-as-code tools, including Terraform, CloudFormation, or CDK
  • Experience with container security and Kubernetes security configurations
  • Experience with automated security testing tools, including SAST, DAST, or IAST
  • Knowledge of network security concepts, protocols, and implementation
  • Knowledge of cryptography, PKI, and key management systems
  • Secret clearance
  • Bachelor's degree
  • DoD 8570 IAT Level II Certification

Nice-to-haves

  • Experience with implementing zero-trust architectures in AWS
  • Experience with AWS native security services configuration and automation
  • Experience with securing CI/CD pipelines and implementing DevSecOps practices
  • Experience with security event monitoring, SIEM implementation and custom rule development
  • Experience with automated vulnerability management systems and developing custom security tools and automation frameworks
  • Experience with implementing secure cross-account access patterns
  • Experience with advanced incident response automation implementation
  • Knowledge of container orchestration security, including ECS and EKS hardening
  • AWS Security Specialty Certification
  • CISSP, CCSP, or a related Certification

Benefits

  • health insurance
  • life insurance
  • disability insurance
  • financial benefits
  • retirement benefits
  • paid leave
  • professional development
  • tuition assistance
  • work-life programs
  • dependent care
  • recognition awards program

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service