Clearance: Clearance is not required at time of application. But, upon hire, a federal background investigation leading to TS/SCI clearance is required.

Location: Washington, D.C.

Travel: None

Description: Cloud Cybersecurity Specialist to join the Cyber Security Operations and Engineering Team to conduct operations consulting and execution on security of the existing and proposed cloud architecture, assisting with documentation on risks and mitigations for cloud requests, and securely migrating systems in the cloud while maintaining the continuous Authority to Operate (cATO) for cloud environments. Individual will be expected to work closely with ITSD and representatives from various directorates and external collaborators. Candidates should be well versed in cloud governance as well as technical implementations of cloud products.

Primary Responsibilities:

• Maintain, facilitate, and draft Authority to Operate packages for cloud operations
• Manage and execute cloud security solutions across lifecycle: strategy, design, implementation, and operations
• Identify and deliver appropriate controls based on industry standards (e.g. CCM, CMMC) to drive cloud and customer security solutions framework based on business risk and cloud native threats
• Evaluate new threats in the cloud and operating environment to identify the impact on IT and Business to develop, and implement security controls
• Identify and drive remediation of public and hybrid cloud risks
• Ensure secure enterprise web solutions in Azure and other cloud environments
• Review cloud security violation reports and investigating possible security exceptions
• Design, implement, and deliver security for cloud native, distributed computing and architectural solutions with a principle of “Secure by Design”
• Present status briefings to leadership, compile reports, and other peripheral tasks

Required Qualifications:

• Bachelor’s Degree in computer science, IT, Cyber, or associated field and at least 5 years of experience in cloud security operations, application development, or cyber security, though a combination of education and experience may be considered for exceptional candidates
• Knowledge and understanding of key differences between most popular cloud provider solutions and cloud orchestration tools such as Azure, AWS, GCP, Pivotal Cloud Foundry, BOSH, Kubernetes, Docker
• Experience with structured Enterprise Architecture practices, hybrid cloud deployments, and on premise-to-cloud migration deployments
• Proven ability to participate, lead and jointly deliver security evaluation reports on the major cloud providers (Azure, AWS, GCP), cloud native platforms (e.g. PCF, Docker, Kubernetes), and different cloud service models (IaaS, PaaS, SaaS, etc.)
• Experience establishing security requirements for cloud-based solutions by evaluating business strategies and requirements; researching cloud infrastructure security standards (ISO 27000 series, NIST CSF, CSA, etc.)
• Ability to manage and execute cloud security solutions
• Working knowledge of networking topology, TCP/IP protocol, network configuration and components (firewalls, routers, proxies, etc.)
• Experience administering and deploying solutions to the major cloud providers
• Detailed knowledge of authentication methods (LDAP, OAuth , PIV, RSA, etc.)
• The ability to obtain or maintain a DOE Q or TS/SCI Clearance, which requires US Citizenship

Preferred Qualifications:

• Master’s degree in computer science, IT, Cyber or associated field
• Cloud specific certifications
• Understanding of Identity Access Management (IAM) technology and solutions
• Understanding with DevSecOps pipelines, CI/CD concepts, and Infrastructure as Code (IaC) (e.g. Terraform, Ansible)
• Proficiency in languages (e.g. Python, JSON, Ruby, C#, Powershell, YAML)
• Understanding of security vulnerabilities, attacks, and ability to mitigate within the major cloud providers
• Working knowledge of the major cloud providers security services and features of services to provide a secure production environment
• Experience with privacy or healthcare data
• An active DOE Q or TS/SCI Clearance, which requires US Citizenship
• Project Management Professional (PMP) Certification
• Proposal writing experience