Cloud Security Specialist(AWS)

Senior Cloud Security Specialist (AWS) - supporting an IT Security Engineering team responsible for the strategy, design, deployment, and maintenance of effective security solutions in cloud, local, and hybrid environments. This role requires deep expertise in AWS cloud services and cloud-native security tools and services.Anticipated Period of Performance: 06/01/2026 - 12/31/2026 (strong possibility of extension)Place of Performance: On-site, Washington, DC,**U.S. Citizenship required., Including but not limited to:Conduct regular security reviews of cloud infrastructure deployed by engineering teams,Review and validate compliance with security policies and best practices,Identify and document security misconfigurations and non-compliant controls,Implement AWS security controls and services to ensure proper security hardening,Develop and update AWS security configuration standards, guides, and playbooks,Develop and maintain security posture dashboards,Identify opportunities to automate security assessments and recommend tooling improvements,Offer technical consultation to engineering teams on secure implementations,Conduct security training sessions for engineering teams,Present findings and recommendations in team meetings

Minimum 5 years of hands-on AWS security experience,Preferred: AWS Certified Security - Specialty (strongly preferred); AWS Certified Solutions Architect - Professional or Associate,Demonstrated experience implementing secure, scalable AWS cloud architectures following industry best security practices and security frameworks,Demonstrated federal experience and comprehensive knowledge in adopting and implementing federal cybersecurity requirements, including the NIST Cybersecurity Framework, OMB Memorandum M-22-09, and NIST SP 800-53,Deep analytical, problem-solving, and troubleshooting experience to independently resolve complex security challenges,Proven ability to provide technical security consultation and advisory services,Self-motivated and able to work independently with strong attention to detail, Strong understanding of IAM, network security design, security operations, security architecture, cloud security, data loss protection, zero trust, DevSecOps, and vulnerability management,Technical skills in AWS cloud security, security engineering, DevSecOps, scripting, and Infrastructure-as-Code (IaC),Experience evaluating infrastructure-as-code against security standards,Knowledge of the AWS Well-Architected Framework security pillar,Ability to identify and document security misconfigurations and non-compliant controls,Experience developing and maintaining security posture dashboards