General Cloud Security Engineer

$75,600 - $172,000/Yr

Booz Allen Hamilton - Hanscom Air Force Base, MA

posted 22 days ago

Part-time,Full-time - Mid Level
Hanscom Air Force Base, MA
Professional, Scientific, and Technical Services

About the position

As a General Cloud Security Engineer, you will lead the technical implementation of security solutions to safeguard cloud environments, particularly focusing on the Air Force mission. This role involves designing and implementing robust security architectures, automating security controls, and ensuring compliance with DoD security requirements. You will work with advanced security monitoring solutions and automated security testing within CI/CD pipelines, contributing to the overall security posture of multi-domain cloud environments.

Responsibilities

  • Design and implement secure cloud architecture patterns using AWS native security services, including GuardDuty, Security Hub, WAF, and Shield
  • Develop automated security deployment pipelines using tools like CloudFormation, Terraform, and AWS CDK
  • Implement comprehensive logging and monitoring solutions using CloudWatch, CloudTrail, and third-party SIEM platforms
  • Create automated security scanning and remediation workflows using Python, Bash, and PowerShell
  • Design and implement network segmentation using AWS Transit Gateway, Security Groups, and NACLs
  • Deploy and manage PKI infrastructure and secrets management solutions, including AWS KMS and Secrets Manager
  • Implement container security solutions for ECS and EKS environments using tools, including Aqua, and Twistlock
  • Develop automated compliance validation tools using AWS Config, Security Hub, and custom Lambda functions

Requirements

  • 5+ years of experience with AWS security services and architecture patterns
  • Experience with programming in Python, Bash, and PowerShell for security automation
  • Experience with infrastructure-as-code tools, including Terraform, CloudFormation, or CDK
  • Experience with container security and Kubernetes security configurations
  • Experience with automated security testing tools, including SAST, DAST, or IAST
  • Knowledge of network security concepts, protocols, and implementation
  • Knowledge of cryptography, PKI, and key management systems
  • Secret clearance
  • Bachelor's degree
  • DoD 8570 IAT Level II Certification

Nice-to-haves

  • Experience with implementing zero-trust architectures in AWS
  • Experience with AWS native security services configuration and automation
  • Experience with securing CI/CD pipelines and implementing DevSecOps practices
  • Experience with security event monitoring, SIEM implementation and custom rule development
  • Experience with automated vulnerability management systems and developing custom security tools and automation frameworks
  • Experience with implementing secure cross-account access patterns
  • Experience with advanced incident response automation implementation
  • Knowledge of container orchestration security, including ECS and EKS hardening
  • AWS Security Specialty Certification
  • CISSP, CCSP, or a related Certification

Benefits

  • Health insurance
  • Life insurance
  • Disability insurance
  • Financial benefits
  • Retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service