Senior Cloud Security Specialist

About the Role

Join the Security Engineering team in our IT division as a Senior Cloud Security Specialist. You'll drive the strategy, design, deployment, and maintenance of robust security solutions across cloud, local, and hybrid environments.

Interview Process

Selected candidates start with a phone screening. Passing candidates may advance to an in-person interview (video tools like MS Teams or WebEx available per agency guidelines).

Key Requirements

• Extensive REST API experience: implementing, securing, automating, testing, and documenting integrations.
• Strong grasp of resilient integration patterns (error handling, retries, monitoring).
• Proficient in scripting and automation languages for security orchestration.

Must-Have Qualifications

• AWS Certified Security - Specialty (Active).
• AWS Certified Solutions Architect - Professional or Associate (Active).

Preferred Experience

• Integrations with ServiceNow, Collibra, and Saviynt.
• Cloud-native serverless architectures and services.
• Architecting/implementing security controls on public clouds.
• DevSecOps practices (CI/CD pipelines, IaC).
• Cloud Access Security Broker (CASB) for SaaS security.
• Deep knowledge of IAM, security engineering, network security, zero trust, DLP, DevSecOps, and vulnerability management.
• Federal experience with NIST Cybersecurity Framework, OMB M-22-09, NIST SP 800-53.
• Analytical problem-solving for complex security issues.
• Proactive technical consultation with teams and stakeholders.

Key Deliverables

• API integration architecture documents and data model/attribute mappings.
• Automation scripts/orchestration (serverless functions, scheduled jobs, event handlers).
• Resilient, secure API integrations for end-to-end data access management.
• Comprehensive testing and documentation of cloud integrations.
• Support for DLP and CASB initiatives.
• SME collaboration across teams for security design, build, implementation, and monitoring.
• Technical consultation for secure cloud implementations.
• Security configuration guides and playbooks.