Cybersecurity Engineer

We are seeking an experienced and knowledgeable Cybersecurity Engineer to join our team. As a Cybersecurity Architect, you will be responsible for designing, implementing, and maintaining effective security solutions to protect systems, networks, and data from potential threats for our clients. You will collaborate with cross-functional teams to ensure the overall security strategy aligns with industry best practices and incorporates cloud security and DevSecOps principles. The ideal candidate will possess a strong technical background, a deep understanding of cybersecurity principles, cloud security, DevSecOps practices, and excellent problem-solving skills. This position will support multiple projects for Cloud7Works across different Federal Agencies.

• Develop and implement comprehensive cybersecurity strategies and frameworks to safeguard our client's application infrastructure, systems, and data.
• Develop and maintain a Plan of Action and Milestone (POA&M) for all Information Assurance (IA) related tasks and deliverables in accordance with Security Technical Implementation Guides (STIG)
• Conduct risk assessments and vulnerability assessments to identify potential security weaknesses and recommend appropriate resolutions and actions.
• Design and oversee the implementation of security controls, including cloud security services, secure cloud configurations, and automated security testing within DevOps pipelines.
• Define and enforce security policies, procedures, and standards across the organization, ensuring compliance with cloud security best practices and DevSecOps principles.
• Stay up to date with the latest security technologies, trends, and vulnerabilities in cloud computing, DevOps, and DevSecOps, and provide recommendations for continuous improvement.
• Conduct regular security audits and assessments to ensure compliance with regulatory standards, industry frameworks, and government policies.
• Ensure the assessment and implementation of identified system and environment fixes, such as system patches and fixes associated with specific technical vulnerabilities for government applications and systems.
• Collaborate with team members to ensure security is integrated throughout the system development lifecycle, following DevSecOps principles.
• Support Project and Program Management with security documentation deliverables and reporting, including document(s) required to obtain an Authorization to Operate (ATO).

• Bachelor's degree in Computer Science, Information Technology, or a related field 
• Solid experience (3+ years) working in a cybersecurity role, with a focus on security architecture and design, including DevSecOps and cloud computing.
• In-depth knowledge of cybersecurity principles, protocols, and best practices, with a specific focus on security in the cloud and DevSecOps methodologies.
• Strong understanding of network security, including firewalls, VPNs, intrusion detection systems, and network segmentation, within cloud environments.
• Proficient in conducting risk assessments and vulnerability assessments in cloud environments and within DevOps pipelines.
• Hands-on experience with security technologies and services for cloud environments, such as AWS Security, Azure Security, or Google Cloud Security.
• Familiarity with industry standards and regulations, such as ISO 27001 and NIST Risk Management Framework (RMF), as they apply to cloud environments and DevSecOps practices.
• Experience implementing security automation and continuous security monitoring within DevOps pipelines.
• Excellent problem-solving and analytical skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders.
• Relevant certifications such as CISSP, CISM, or CCSP are required.
• Cloud certifications such as AWS Certified Security - Specialty or Azure Security Engineer Associate are highly desirable.

This position requires a government security clearance; you must be a US Citizen for consideration.

Tags