Security Engineer Cloud

Compass Pointe Consulting
Bethesda, MD
Job Description
Systems Security Engineer (Cloud)

The responsibilities encompass collaborating with other DevOps and SysOps teams to transition applications to the cloud; securing the configuration management of the cloud infrastructure; mitigating risks and applying security controls to improve visibility and diagnostics in compliance with governing Federal requirements and security best practices.
• Developing and deploying infrastructure as code (IaC) scripts to implement and optimize security controls and mechanisms of a cloud infrastructure.
• Acting as the subject matter expert for cloud security and tools such as Security Information and Event Management (SIEM), access control mechanisms, Intrusion Detection and Intrusion Prevention Systems (IDS/IPS).
• Experience with Cisco ASA Firewalls or other firewalls/security devices (Juniper/Palo Alto) in an enterprise environment.
• Monitoring cloud infrastructure and proactively mitigating potential incidents before service degradation occurs.
• Providing guidance to our DevOps teams developing on public cloud platforms, advising on security standards for cloud deployment, and working to identify common patterns for template provisioning.
• Conducting assessments of security controls for new and existing cloud systems; creating and maintaining as-built system documentation, architecture diagrams, and online collaborative documentation.
• Determining security modes of operation and recommending new or revised security measures and countermeasures for current security challenges.
• Collaborating with team members to continue to evolve and implement a state-of-the-art secure cloud
Required Qualifications and Experience:
• Minimum of 5+ years of directly relevant experience in system security administration. A Bachelor’s degree in computer science, cyber security, engineering, or other related discipline would be viewed favorably but does not negate the minimum experience requirement.
• Experience in designing and implementing an enterprise-wide cloud security architecture.
• Proficiency with SIEM and vulnerability management solutions.
• Experience using common networking tools to aid in troubleshooting, including nmap, Wireshark, tcpdump, etc.
• Proficiency in one or more scripting languages: Python, Perl, PowerShell, or Bash.
• Proficiency with TCP/IP/UDP ports and protocols, IDS/IPS, Network Access Control List (NACL), Access Control Lists (ACL), and Security Group (SG) applications.
• CISSP certification or ability to obtain it within the first six months of employment.
• Strong written and verbal communication skills.
Desired Qualifications:
• Creating and editing AWS CloudFormation scripts.
• Securing and monitoring Kubernetes.
• Managing and monitoring a centralized AWS logging architecture (e.g., Splunk).
• AWS Certified Security - Specialty, ISC2, or Cloud Security Alliance.

