AECC 2.0 - Cybersecurity Engineer

Introduction

A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.

You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.

Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role And Responsibilities

This position is for a Cybersecurity Engineer supporting the Army Edge Computing Capability (AECC) project that ALTESS is fielding for the US Army. The AECC solution is a containerized, Kubernetes-based, multitenant hosting environment for hosting Army enterprise and tactical applications. AECC utilizes Kubernetes and potentially Red Hat OpenShift to implement a cloud-native, software-defined infrastructure across multiple global sites. ALTESS provides value-added common and managed services built on top of the Kubernetes foundation that hosted Army applications will require. ALTESS is a managed service provider (MSP) and hosting services provider for Army applications. ALTESS is a Product Lead office under Capability Program Executive (CPE) Enterprise Software and Services (CPE ES2).

Position Duties

• Deploy, configure, and manage Kubernetes security tools (e.g., vulnerability scanning, runtime protection, compliance frameworks)
• Implement and enforce security controls (RBAC, Pod Security Standards, STIGs) to protect clusters and workloads
• Conduct container image and Infrastructure-as-Code (IaC) scanning to identify and remediate vulnerabilities
• Monitor security events and incidents using SIEM tools (e.g., Splunk, Elasticsearch) and runtime security solutions
• Integrate security into CI/CD pipelines and partner with DevOps teams to ensure secure deployments
• Collaborate with internal teams and Army cybersecurity stakeholders to maintain compliance, respond to incidents, and support ongoing security operations

Required Skills

Required technical and professional expertise

• Strong experience securing Kubernetes clusters and containerized workloads
• Proficiency with Kubernetes security tools (e.g., Kube-Bench, Kube-Hunter, Falco) and container scanning tools (e.g., Trivy, Clair, Anchore)
• Experience with IaC security and DevSecOps practices, including integrating security into CI/CD pipelines
• Knowledge of security controls (RBAC, Pod Security Standards, network policies) and compliance frameworks (e.g., CIS, NIST 800-53)
• Experience with SIEM tools (e.g., Splunk, Elasticsearch), threat detection, and automation tools (e.g., Terraform, Ansible, Python, Bash)

Required Certifications

• DoD 8140 Cybersecurity ISSM (722 role or similar)
• Baseline certification as defined in DoD Instruction 8570.01-M (generally Security+ CE)

Must have (or obtain within 6 months of hire) a computing environment certification as defined in DoD 8570.01-M, such as:

• Certified Kubernetes Security Specialist (CKS)
• Certified Kubernetes Administrator (CKA)
• Red Hat Certified Specialist in OpenShift Administration
• Cloud Native Security Certification (CNSC)
• GIAC Kubernetes and Cloud Security (GCKS)
• AWS Certified Security – Specialty
• Microsoft Certified: Azure Security Engineer Associate

Must hold and maintain an Active DoD Secret Security Clearance

Preferred Technical And Professional Experience

• Working knowledge of DoD STIGs, and IA Vulnerability Management (IAVM).
• Basic understanding of DOD Risk Management Framework Assessment & Authorization (RMF A&A).