nSenior Cloud Cybersecurity Infrastructure Engineer

Nabout Leidos
5 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
$ 195K

Job location

Tech stack

Microsoft Windows
Microsoft Active Directory
Amazon Web Services (AWS)
Tomcat
Confluence
JIRA
User Authentication
Azure
Bash
Cloud Engineering
CompTIA Security+
Computer Security
Computer Networks
System Configuration
Continuous Integration
Software Debugging
Linux
VMware ESX Servers
Web Servers
Hyper-V
Identity and Access Management
IIS
IPv4
IPv6
Subnetting
Virtual Private Networks (VPN)
OSI Models
Python
Kernel-Based Virtual Machine
Lightweight Directory Access Protocols (LDAP)
PostgreSQL
Linux Servers
Log Analysis
Logical Volume Manager
McAfee VirusScan
Microsoft SQL Server
MySQL
Network Virtualization
Openshift
Peer-To-Peer (P2P)
Public Key Infrastructure
Powershell
Ansible
Security Assertion Markup Language (SAML)
Security Content Automation Protocol
Server Administration
Security Information and Event Management
Virtual Local Area Networks
Virtualization Technology
Wide Area Networks
Diagnostic Tools
Scripting (Bash/Python/Go/Ruby)
Cloud Platform System
Delivery Pipeline
QRadar
Kubernetes
Infrastructure Automation Frameworks
Bug Reporting
Information Technology
Atlassian Tools
Vcenter
Nessus
Bitbucket
Api Gateway
Puppet
Terraform
Splunk
Big Ip
Docker
Jenkins
Web Api
VMware

Job description

The successful candidate will have a passion for maintaining the cybersecurity posture of complex IT systems, and will be eager to learn new technologies and enjoy overcoming the challenges of the unknown. You will work in a peer-to-peer environment placing a high value on collaboration and team success. Day-to-day responsibilities will include implementation, maintenance, and troubleshooting of a complex and diverse cloud environment, to include:\n \n \n

  • Providing Subject Matter Expertise for cloud Information Assurance on a variety of implementations.\n
  • Securing high-availability systems via industry/DOD standards and best practices.\n
  • Configuring & securing underlying Azure/AWS cloud resources for build, release & deployment pipelines.\n
  • Supporting an enterprise CI/CD environment with multiple servers, operating systems and applications.\n
  • Deploying, reviewing, patching & testing systems for adherence to build & security requirements.\n
  • Resolving tickets and problem reports on specific technologies and hardware/software components, including COTS/GOTS products, from the system level to individual hardware/software components.\n
  • Building and maintaining scripts for automation of tasks and server maintenance.\n
  • Creating and maintaining accurate maintenance documentation for systems .\n

Requirements

  • U.S. Citizenship with the ability to obtain and maintain a Secret Security Clearance.\n
  • Bachelor's degree with 8+ years of experience or a Master's degree with 6+ years of experience. Additional experience may be considered in lieu of a degree.\n
  • Ability to obtain a CompTIA Security+ certification or minimum equivalent to meet DoD 8570 Compliance.\n
  • 4+ years of Windows & Linux sys administration with 2+ years in an Azure/AWS cloud environment.\n
  • Experience applying/debugging STIG settings/conflicts in Windows/Linux servers and hosted apps.\n
  • Experience interpreting scanning tool outputs (Nessus, SCAP, Evaluate STIG, etc.) and remediating findings.\n
  • Experience with system troubleshooting tools like top, iostat, vmstat, netstat, lvm, fdisk.\n
  • Strong understanding of networking concepts such as OSI Model, LAN/WAN, IPv4/IPv6, subnetting, VLANs, edge services & point-to-point VPN setup within cloud environments.\n
  • Experience working with identity management & authentication tools such as LDAP, SAML, and PKI.\n, * US Citizen with an active Secret or higher security clearance.\n
  • Hands-on experience with Configuration Management tools such as Ansible, Chef, or Puppet.\n
  • Hands-on experience with Trellix/McAfee ePO and product suite.\n
  • Hands-on configuration and experience with SIEM tools (e.g., Splunk, Azure Log Analytics, QRadar, LogRhythm).\n
  • Hands-on experience with Microsoft Active Directory (i.e., OU creation, Schema Changes, Security Groups).\n
  • Hands-on experience with Microsoft Group Policy (i.e., Creating GPOs, GPO inheritance, Security Filtering).\n
  • Virtualization experience (VMware vCenter, ESXi, KVM, Hyper-V).\n
  • Experience with Docker container technologies and Docker container deployment technologies, such as Terraform, Kubernetes, OpenShift, Helm, EKS, AKS.\n
  • Experience supporting Jenkins pipeline code building and analysis tools.\n
  • Coding and/or scripting experience using Python, Powershell, Bash, or other tools.\n
  • Atlassian Tools Suite experience (Bitbucket, Confluence, JIRA)\n
  • Experience managing web servers such as IIS and Tomcat.\n
  • Familiarity with F5 BIG-IP Authentication and SAML IdP/SP.\n
  • Intermediate knowledge of MS SQL, PostgreSQL, and MySQL.\n
  • Experience in designing and implementing VNet/VLAN ports, protocols and services settings to restrict communications across Cloud-native virtual networking boundaries.\n
  • Experience managing projects and processes to achieve enterprise business improvement objectives.\n
  • Experience hardening API Gateway and API Endpoints.\n
  • Experience with backup and recovery of IT infrastructure.\n
  • Experience as an Information Systems Security Officer or Engineer (ISSO or ISSE).\n
  • Experience managing, interpreting, and updating Plans of Action and Milestones (POA&Ms).\n
  • Experience developing cybersecurity policy related to cloud environments.\n
  • Experience applying STIGs to containers.\n

Apply for this position