Job Title: Computer Systems Specialist Security Cloud
Location: Baltimore, MD 21202
Duration: Up to 2 Years
Note: The candidate must have the flexibility to work overtime as needed, including weekends, holidays, and off-hours.
Duties / Responsibilities:
Location: Baltimore, MD 21202
Duration: Up to 2 Years
Note: The candidate must have the flexibility to work overtime as needed, including weekends, holidays, and off-hours.
Duties / Responsibilities:
- Develop and implement cloud security controls, cloud-based processes and tools, and cloud security task automation.
- Perform security assessments, working closely with DevOps and Developer teams on identifying security and privacy issues in AWS or Azure and finding solutions to provide required functionality securely.
- Continuously monitor cloud security operations, responding to security issues and escalating as necessary.
- Conduct security impact analysis of controls on proposed system changes.
- Conduct cloud security assessments and Penetration testing.
- Perform Incident Response and Forensics evaluation using security information and event management (SIEM) tools.
- Ensure that the client system security requirements are addressed during all phases of the system development life cycle.
- Review and update systems security documentation and artifacts such as Systems Security Plan, Information Security Risk Assessment, Privacy Impact Assessment, Systems Security Report, Correction Action Plan, Plan of Action & Milestones (POA&M).
- Create and track POA&M requirements for resolving security findings.
- Administer cloud-based and physical firewalls.
- Adhere to all security, change control and client Project Management Office (PMO) policies, processes and methodologies.
- Bachelor’s Degree from an accredited college or university in Engineering, Computer Science, Information Systems, Business, or other related Discipline. Master’s degree preferred.
- A minimum of six (6) years of experience in analyzing and defining security requirements for large and mission critical IT security requirements.
- A minimum of two (2) years performing day-to-day security operations functions including administration, troubleshooting, and resolution of various security components.
- A minimum of three (3) years of hands-on experience in performing cloud security functions.
- A minimum of three (3) years of experience in defining computer security requirements for high-level applications and evaluating approved security product capabilities.
- Demonstrated production experience using AWS or Azure supporting security operations.
- Experience in performing Security Incident Response and Forensics evaluation with SIEM tools.
- Working knowledge of AWS security features such as Security Groups, Network Access Control List, Firewall, WAF, Guard Duty, Macie, CloudTrail, CloudWatch, Control Tower etc.
- Experience with assessment and evaluation of information systems to recommend changes, mitigate threats, risks, and vulnerabilities
- A minimum of five (5) years of experience in providing Cloud Security.
- A minimum of five (5) years of experience in assisting organizations meet NIST SP 800-37, NIST 800-53, IRS Publication 1075, MARS-e 2.0 requirements.
- A minimum of five (5) years of experience with AWS security on S3, EC2, Security Groups, NACL, etc.
- A minimum of five (5) years of experience with conducting Incident Response testing to evaluate processes for detection, response, and reporting of security incidents
- A minimum of five (5) years of experience with Data Security practices on encryption, masking.
- A minimum of five (5) years of experience with assessment and evaluation of information systems to recommend changes, mitigate threats, risks, and vulnerabilities.
- A minimum of three (3) years of experience with Data Loss Prevention tools and technologies.
- Experience in configuring ASA and/or Fortinet firewalls.
- Possess one or more of the following security certifications: (i.e., CISSP, GIAC, CEH, Security+, Amazon Certified Security Specialty, Microsoft Certified: Azure Security Engineer).