Azure Cloud Security Engineer

This role supports the U.S. Air Force Cloud One Architecture and Common Shared Services contract and currently has an opening for a Google Cloud Platform Engineer.

Location: This position will be hybrid remote. Candidates will be required to work onsite as needed. Candidates need to be located near Hanscom AFB (Boston, MA).

Responsibilities:

We are seeking a Cloud Engineer with expertise in multiple cloud platforms. A successful individual will be responsible for developing in a scalable cloud-native solutions, and ensuring best practices in security.

• Design, deploy, configure, operate, and maintain authorizations and accreditation of the C1 Architecture for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure in NIPRNet and SIPRNet.
• Serve as Subject Matter Expert (SME) for all IT stakeholders involved with system design, system builds, and Authority to Operate (ATO) efforts on cybersecurity requirements and tooling.
• Support the cybersecurity authorizations team developing artifacts required to achieve milestones such as Interim Authority Test (IATT) and Authorization to Operate (ATO).
• Experience engineering solutions to support migration of security controls from NIST 800-53 Rev 4 to 800-53 Rev 5.
• Ensure compliance with SCCA, Cloud SRG, and other STIG/SRG requirements.
• Support Continuous Authorization to Operate (cATO) within a DevSecOps or cloud-based environment, including implementation of automated control validation, continuous monitoring integration, and real-time POA&M management.
• Create RMF-required authorization-related documentation and artifacts and support ATO sustainment activities for C1 and DPaaS environments.
• Conduct routine Insider Threat Assessment and document results in the Contractor’s System Security Plan
• Continuously monitor system resources through automated scanning and implement automated reporting feeds to support cybersecurity authorizations.
• Verify patch compliance using the approved technical solutions and conduct remediation activities.
• Provide and execute a plan for enterprise vulnerability and compliance scanning.
• Implementation of security procedures, and verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code and other components.
• Participate in regular briefings with the customer on cybersecurity status, including preparing briefing materials
• Work closely with government Cyber & technical teams to support ATO conditions and requirements.
• Prepare detailed technical documentation to support development and operational processes
• Collaborate with team members and provide mentorship to junior staff, fostering a learning environment

Requirements:
• Bachelor’s Degree and 4+ years or more of experience; additional years of experience may be accepted in lieu of degree.
• Interim Secret clearance required to start; Ability to obtain Secret clearance required to maintain employment

• 1 or more cloud certifications
• US citizenship required.
• Certifications: CompTIA Security+ or equivalent (IAT-2)

Preferred Skills

· Experience with USAF Cloud One or Platform 1

· Experience with automation/tools like EvalSTIG, STIG Manager, Ansible etc.

· Experience with Zero Trust Architecture

· Cloud certifications in AWS, Azure, Google, or Oracle clouds

· Certifications: CISSP or equivalent (IAT-3)

Benefits:
SES provides a competitive salary and the following benefits:

• Medical
• Dental
• Vision
• AD&D
• STD
• LTD
• Company paid Life Insurance
• 401k with employer contribution
• Paid Time Off
• Pet Insurance