Cloud Security Engineer

Requirements

• 4+ years of experience securing computer systems, performing DoD authorization activities, developing a body of evidence for RMF, and writing security plans
• 4+ years of experience with secure IT architecture and computing hardware and software
• Experience working with Cloud technologies, including AWS, Azure, or Infrastructure as a Service
• Experience with Microsoft Sentinel and Defender for incident monitoring and endpoint security
• Experience with scripts, PowerShell, and Bash to provide automated scanning or monitoring solutions
• Experience supporting security reviews of software and system releases within a DevSecOps framework and supporting recurring path-to-production software and system release activities
• Experience with terminology, processes, and regulations of IT system A&A for the RMF
• Top Secret clearance
• HS diploma or GED
• Ability to obtain DoD Directive 8570 or 8140 Series IAT Level II Certification within 90 days of hire date
• Experience assessing and authorizing network connections between on-premise and cloud
• Experience in planning, implementing, and managing continuous monitoring solutions and working within an Agile-based project management framework
• Experience with Red Hat Enterprise Linux (RHEL) or Windows system administration
• Experience with code management tools such as GIT or GitLab in a team setting
• Experience with the Army, DoD, or Intelligence Community (IC) Information Assurance (IA) or Information Systems
• Experience in Information System Security Engineer (ISSE) or Information System Security Officer (ISSO) roles
• Knowledge of terminology and federal regulations related to the specification, development, acquisition, and maintenance of IT systems
• Ability to work independently and as an integrated member of a project team
• Possession of excellent verbal and written communication skills
• TS/SCI clearance
• Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required
• You are expected to be on camera during interviews and assessments

Responsibilities

• Define, communicate, and implement cybersecurity architecture and administration processes for Amazon Web Services (AWS) and Microsoft Azure cloud environments across multiple network domains
• Collaborate across our cloud infrastructure delivery team and with stakeholders using an Agile process to design, implement, verify, and continuously monitor cloud solutions across multiple domains
• Develop Risk Management Framework (RMF) Body of Evidence artifacts, including system security plans and cybersecurity concept of operations documents for Cloud environments in alignment with existing RMF packages
• Support assessment and authorization activities to achieve and maintain Authority to Operate (ATO) on multiple networks
• Evaluate enhancements to Cloud environments against RMF controls and DoD Security Technical Implementation Guidance (STIG) requirements
• Support data capture and configuration within tools to enable achievement of the organization’s Assessment and Authorization (A&A) objectives
• Work without considerable direction
• Mentor and supervise team members, as needed
• To support engagement and effective communication, employees working virtually are generally expected to have their cameras on during meetings
• Remote: If this position is listed as remote, there may still be occasions when you are required to work in person at a Booz Allen or customer facility
• Hybrid: If this position is listed as hybrid, you will be expected to work from a Booz Allen facility frequently, in alignment with leadership expectations and the needs of the role
• You may also be required to work from or visit a customer facility
• Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role

Benefits

Skills