The cyber security engineer requires an in-depth understanding of cloud technologies. The cyber security engineer will assist in architecting a secure web based infrastructure that meets DoD Cloud SRG and SCCA requirements. The CSE will drive key decision points in defining, designing and implementing layer 3, layer 7 firewalls as well as Network intrusion Detection/prevention systems. The architect also directs the enterprise level configuration of cloud environments, deploys network security appliances & NIDS/NIPS systems. Candidate is also involved in security DevOps, and fosters security automation through the cloud by implementing self-governing security solutions that offer security data analytics and solutions with minimal input.
Roles and responsibilities of the CSE are as follows:
- Deploy, maintain and manage layer 3 and layer 7 firewall
- Will be a subject matter expert for system network security infrastructure.
- Scripting, and deployment of automated security solutions using native cloud technologies or approved COTS products.
- Automation of processes, procedures, and policies through created DevOps supported workflows.
- Creation of customized and adaptive dashboards and reports.
- Diagram and Implement cloud architectures that fully meet the DoD SCCA requirements.
- Selection, assessment of, configuration, and deployment of new cloud security technologies.
- Coordination with Cloud Security Compliance Managers to ensure that all technology solutions meet RMF requirements.
- Experience in deployment, configuration and maintaining F5 firewall
- Scripting in MSPowershell and/or JSON.
- Understanding of the SCCA requirements for Commercial Cloud Service Provider.
- Understanding of DevOps tools for automation such as Ansible, Jenkins, Puppet, and Chef.
- Experience in building complex security reporting dashboards (e.g. Splunk or native dashboards in Azure/AWS).
- Strong background in cloud network architecture and hands-on experience in cloud environment deployments.
- Strong industry experience with TCP/UDP protocols, VPNs, IDS/ IPS, SIEMs, and firewall technologies
- Adaptability to various cloud security tools, namely their management centers (e.g. ePO Orchestrator, Tenable Nessus, etc.). Experience in fully deploying, managing, and automating these or similar tools at an enterprise level.
- Security +, CCSP, CISSP
- AWS Certified Security specialty or Microsoft equivalent
- 8570 IAT III certs, especially those concentrated in network
- 5-8 years in security with 2 concentrated in cloud