Cloud Security Specialist (AWS)

We are seeking a highly skilled Senior Cloud Security Specialist to join the Security Engineering team within the IT division. The team is responsible for the strategy, design, deployment, and maintenance of effective security solutions across cloud, local, and hybrid environments. The ideal candidate will bring deep expertise in AWS cloud security, focusing on security architecture, risk management, and compliance. Key Responsibilities:

• Security Reviews & Audits:

• Conduct regular security reviews of cloud infrastructure deployed by engineering teams, ensuring compliance with security standards.

• Evaluate Infrastructure-as-Code (IaC) for security vulnerabilities and ensure that all cloud resources adhere to best security practices.

• Review and validate adherence to the AWS Well-Architected Framework security pillar, ensuring that cloud environments are architected securely and aligned with AWS best practices.

• Compliance & Documentation:

• Assess compliance with security policies and frameworks, including federal cybersecurity requirements (e.g., NIST Cybersecurity Framework, NIST SP 800-53, OMB Memorandum M-22-09).

• Identify, document, and remediate security misconfigurations and non-compliant controls.

• Develop and maintain security posture dashboards for monitoring security status across cloud environments.

• Create and update security configuration guides and playbooks for AWS environments.

• Consultation & Collaboration:

• Provide technical consultation to engineering teams on implementing secure cloud solutions and best security practices.

• Offer guidance on security engineering tasks, including security hardening, risk mitigation, and securing cloud infrastructure.

• Assist in developing and updating AWS security configuration standards to enforce consistency across environments.

• Training & Awareness:

• Conduct security training sessions for engineering teams to ensure knowledge transfer and awareness of best security practices.

• Present security findings and recommendations to leadership and engineering teams, ensuring transparency on security posture and improvement areas.

• Automation & Tooling:

• Identify opportunities to automate security assessments using DevSecOps tools and techniques to increase efficiency and reduce manual oversight.

• Recommend and implement security tooling improvements for cloud security operations., The contractor will be responsible for the following key deliverables:

• Security Reviews of cloud infrastructure and adherence to security best practices.

• Infrastructure-as-Code evaluations and security audits.

• Development and maintenance of security dashboards and configuration playbooks.

• Regular security training for engineering teams and stakeholders.

• Providing technical consultation for secure cloud implementations.

• Automating security assessments and improving security tooling.

• AWS Cloud Security Experience:

• Minimum of 5 years hands-on experience with AWS security, including cloud architecture and risk management.

• Proven expertise in implementing secure AWS cloud architectures aligned with industry best security practices and frameworks.

• Certifications:

• AWS Certified Security - Specialty (strongly preferred).

• AWS Certified Solutions Architect - Professional or Associate.

• Security & Compliance Expertise:

• Demonstrated experience with federal cybersecurity requirements, including NIST Cybersecurity Framework, OMB Memorandum M-22-09, and NIST SP 800-53.

• Strong understanding of IAM, network security, zero trust architecture, data loss protection, and DevSecOps practices.

• Technical Skills:

• Expertise in AWS cloud security, security engineering, and Infrastructure-as-Code (IaC) tools.

• Familiarity with scripting for security orchestration and automation.

• Ability to perform detailed security assessments and remediate issues promptly.

• Soft Skills:

• Strong analytical and problem-solving abilities to address complex security challenges.

• Excellent communication skills to engage with team members, stakeholders, and leadership.

• Ability to work independently, taking ownership of tasks and maintaining attention to detail.

SaidGig

• Washington DC

• $53.00 per hour This role involves performing human-in-the-loop testing and evaluation of agentic storage management experiences. You will support the calibration and validation of AI-powered stor…

• 16 hours ago