Job Title: Cyber Command Cloud Security Engineer
Labor Category: Specialist 3
Location: New York NY (Hybrid) 3 days onsite 2 days remote
Job Type: Contract 12 Months
Scheduled Work Hours: Normal business hours Monday-Friday 9-5, 35 hours/week (not including mandatory unpaid meal break after 6 hours of work).
Rate: $90-$100 per hour
SCOPE OF SERVICES:
The candidate will bring together business owners, incident responders, and other members of the Security Sciences team to creatively solve complex challenges with engineering solutions. They will be proficient in the management and use of IAM, CASB, and SSE solutions, Zero Trust principles, Microsoft 365 best practices and hardening.
TASKS: The Cloud Security Engineer will:
1. Perform organization wide cybersecurity cloud security risk analysis and articulate identified risks within the agency.
2. Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the agency
3. Create and follow a process to track progress against engagements with the agency
4. Create reporting matrix for identified assessment risk to collect communication flow information, and build high level and low-level documents
5. Work on CASB and Cloud DLP, interact with vendor support teams, and drive the deployment to resolution
6. Translate compliance requirements into specific security controls and present compensating security controls
7. Report to upper management on current cybersecurity posture and progress on mitigating identified risks
8. Create metrics to measure cybersecurity controls efficacy
9. Monitor and respond to risk identified to aid the agency on resolution
10. Review and optimize existing cybersecurity controls
11. Ensure the organization compliance with cybersecurity best practices, policies and standards
12. Enforce Cloud security standards
13. Analyze vulnerabilities and work with the various teams to ensure timely remediation and validation
14. Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments
MANDATORY SKILLS/EXPERIENCE:
Note: Candidates who do not have the mandatory skills will not be considered · Bachelor’s degree in computer science, Information Systems or equivalent work experience
· At least 12 years of experience in information security
· At least 8 years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
· At least 8 years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management
· At least 4 years of experience working in cloud environment (Azure, AWS, GCP)
· At least 4 years of experience working in securing Internet-facing applications, utilizing Microsoft Entra AD, Microsoft Defender for Office, Skyhigh CASB and Cloud, SSE solutions
· At least 4 years of experience working with tools and techniques for collecting and processing Telemetry and Security Event Data.
· At least 4 years of experience architecting, deploying, and managing cloud security and/or EDR technology
· Experience using scripting languages (Python, Bash, Powershell, etc.)
· At least 4 years of experience with Windows, Linux, or MacOS administration
· Experience working with vulnerability management and scanning tools
· Experience working with application scanning tools
· Strong documentation skills and attention to detail
DESIRABLE SKILLS/EXPERIENCE: