Invictus International Consulting, LLC
  • 26-Oct-2018 (EST)
  • Washington, DC, USA
  • Full Time
  • TS/SCI with CI Poly

Title: Cyber Security Engineer ~ Cloud

Location: Reston, VA or Washington, DC

Clearance: TS/SCI with the ability to obtain and maintain a CI polygraph

 

Responsibilities:

  • Plan, research, design and model robust Enterprise Security Architectures for systems hosted on traditional data centers and on cloud providers such as Amazon Web Services (AWS), Microsoft Azure, etc.
  • Develop security engineering requirements, procedures and policies for on-prem, cloud/container-based systems
  • Conduct applied security research on security standards, authentication tools and protocols in support of cloud/container-based systems using Identity and Access Management (IdAM) systems using public key infrastructures (PKIs) and PKI-Enabling (PKI/E) technologies
  • Identify COTS/GOTS Systems integration issues, security control implementation deficiencies and recommend enhancements to bolstering security posture
  • Acquire a complete understanding of a customer's technology and information systems
  • Perform vulnerability testing, risk and security assessments using penetration tester mindset
  • Conduct in-depth security engineering reviews and approve proposed systems/application security control implementations used for systems hosted in cloud/container-based providers such as AWS, Azure, OpenShift and Kubernetes
  • Provide technical supervision for (and guidance to) a security team
  • Oversee security awareness programs and educational efforts
  • Test final security structures to ensure they behave as expected
  • Deliver technical reports and formal papers on test findings
  • Monitor cloud provider new service offerings to government regions
  • Conduct new cloud provider service offerings evaluations and applicability to government regions
  • Develop changes/updates to existing enterprise and mission-level Identity and Access Management (IdAM)
  • Develop or update security management policies and guides

 

Key Skills:

  • Consulting and professional services using Agile and DevOps methodologies
  • Security Research and Development (R&D)
  • Infrastructure Automation tooling to building and delivering secure systems delivery chain
  • Cloud and container security penetration and vulnerability testing
  • Networking, firewall and intrusion detection/prevention protocols
  • Computer Network Defense, ethical hacking and threat modeling
  • Identity and access management principles using PKI and PKI/E
  • Application security and encryption technologies
  • Enterprise system and security engineering and architecture
  • Implementing Risk Management Framework (RMF) in high-risk network environment
  • Practices and methods of IT strategy, enterprise architecture and security architecture
  • Familiarity with serverless technologies AWS Lambda, API Gateway, Azure Functions, Azure API Management
  • Familiarity with DevOpsSec concepts and system delivery implementations and patterns
  • Strong hands-on experience with Directory and Authentication Services such as AWS IdAM and Azure Active Directory (AD)
  • Strong authentication technologies implementation experience such as PKI and Multifactor Authentication (MFA)
  • Programming and scripting languages used in tool and infrastructure automation such as: Bash, Powershell, Python as well as JSON and YAML

 

Key Technology Familiarity:

  • Hardening Operating Systems (OS) such as Windows, UNIX and Linux
  • Cloud security implementations using providers AWS and Azure
  • Container-based security implantation using Kubernetes, OpenShift and Docker
  • Database security in relational (MySQL/MsSQL) and non-relational (MongoDB) platforms
  • Network security enforcement points Cross Domain Solutions, Firewall, IDS/IPS, Network Access Control and Network Gateways
  • Configuration Management tools such as Git, GitLab, GitHub, Bitbucket
  • Virtualization technologies from VMware, Microsoft and Red Hat
  • Encryption technologies and standards
  • DevOps tools such as SaltStack, Terraform, Puppet, Ansible, Chef,
  • Infrastructure Cloud formation, YAML, JSON, Bash, Python, or other programming languages
  • Technical project management tools such as ServiceNow and Jira
  • Pentesting platforms such as Kali, burp, metasploit
  • Vulnerability management tools such as Twistlock, NuVector, PureSec, jFrog, x-ray
  • CND tools such as Splunk (Enterprise Security, UBA, and Phantom) and Elastic (Elastic Search, LogStash, Kibana, etc.)
  • AWS Cloudwatch and Cloudtrail, Azure Monitor

 

Requirements:

  • Bachelor's Degree in Computer Science, Software Engineering, Systems Engineering, Information Systems or a related technical discipline with 5+ yrs. of related work experience; an additional 4 years of work experience may be substituted in lieu of a degree
  • systems architecture/engineering supporting data science projects a plus
  • Excellent written and oral communication skills a must, with the ability to work independently or as a member of a team; must be comfortable working with personnel on all levels of an organization
  • Must possess current DoD 8570 IAT III certification 
  • Current active TS/SCI clearance, with the ability to obtain and maintain a CI polygraph

 

Equal Opportunity Employer/Veterans/Disabled

Invictus International Consulting, LLC
  • Apply Now

  • * Fields Are Required

    What is your full name?

    How can we contact you?

  • Share This Page
  • Facebook Twitter LinkedIn Email
.
About Why Invictus Logo Solutions Join Us Contact