Cloud Cybersecurity Engineer

L2 Cyber Solutions (L2 Cyber) has a Federal contract with Office of Satellite Ground Services (OSGS), in support of the National Oceanic and Atmospheric Administration (NOAA). OSGS plans and executes common services for NOAA’s satellite, data, and information capabilities. The core responsibilities of OSGS include planning, acquisition, development, integration, transition to operations, and sustainment of common ground services. OSGS provides engineering and project management for ground systems/services design, development, integration and testing, migration of on-premise capabilities to a public cloud solution, and associated infrastructure.

The Cloud Cybersecurity Engineer ensures that appropriate steps are taken to implement information security requirements for IT systems throughout their life-cycle - specific to cloud environments. A successful candidate is a SME in all things related to securing multiple disaggregated cloud environments, including production workloads in a hybrid system architecture . A successful candidate will also have comprehensive knowledge of Federal IT security regulatory requirements and standards.

Responsibilities include, but are not limited to

• Ensures security standards and best practices are appropriately integrated into development of cloud applications and deployments.
• Participates in large-scale projects as a cloud security subject matter expert
• Advise the cybersecurity executives (including the CIO, CTO, CISO, Enterprise Architect, System Owner, and ISSO) in all aspects of cloud cybersecurity
• Provide guidance to developers and other technical stakeholders on AWS security topics, and educate members on their responsibility regarding the shared security model 
• Document systems architecture, configuration & deployment plans with security aspects in mind
• Help to architect, construct, and maintain DevOps CI/CD pipelines 
• Directly contribute to security documentation (System Security Plan (SSP), FIPS 199 Criticality Assessment, FIPS 200 Control Tailoring, Configuration Management Plan (CMP), System Contingency Plan (CP), Business Impact Assessment (BIA), Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), Plans of Action and Milestones (POA&M)) IAW customer directives (e.g. NIST, NOAA/DOC) throughout the information system's A&A lifecycle
• Support all Assessment & Authorization (A&A) activities
• Draft and maintain Acceptance of Risk(s) documentation, and perform routine vulnerability/risk assessment analysis
• Identify vulnerabilities, risks, and protection measures as it relates to information systems
• Update system-level policies and assist in developing procedures that meet Federal IT security requirements
• Assess new technologies and advise how to correctly implement security controls using those tools per NIST guidelines and cloud best practices
• Achieve Control compliance with supporting artifacts and conduct gap analysis of security controls
• Assist in achieving ATO for assigned systems, including FedRAMP cloud-based IT systems
• Prepare security control briefings and quarterly ATO/AO briefs/pre-briefs
• Prepare cloud-based application briefings for enterprise usage
• Help assemble FISMA reporting score cards
• Demonstrated experience with multiple operating platforms, products and technologies (Linux, Cisco, and Microsoft, Jira, SharePoint, ArcSight, McAfee, IPS/IDS, FWs)
• Ensure IT systems have all security controls in place and functioning properly in accordance with NIST 800-53A publication
• Conduct and evaluate/analyze vulnerability results from the following set of tools to include but not limited to: NESSUS/TenableSecurity Center, CSAM, Arcsight, BigFix, and WebInspect
• Demonstrate understanding of the Federal Authority to Operate (ATO) process
• Experience with enterprise data calls, including: quarterly FISMA data call, monthly Cybersecurity Data Call (Top-5 Balanced Score Card (BSC), HSPD-12, TIC, POA&M status, Enterprise Continuous Diagnostics and Mitigation (ECDM), CP and CP Test compliance), BOD 18-01 website compliance data call, and High Value Asset (HVA) data call

Required Experience, Knowledge, Skills, and Abilities

• BS/BA in relevant field, or equivalent experience 
• +4 years of relevant experience 
• Federal IT system cybersecurity experience 
• CISSP, GIAC certifications, CISA, CISM, SEC+, or a similar certification
• CCSP, GSCA, CCSK, AWS Certified Security — Specialty, or a similar certification
• Cloud experience, an understanding of the shared security model in relation to Federal IT systems, and relevant certifications (Big 3 CSP, CCSP, etc.) is highly desirable
• Experience/knowledge with securing Production workloads running on AWS cloud using IaC methodology, scripting skills, and automated build pipelines, as well as possess knowledge on AWS Best Practices and AWS Well-Architected framework
• General CSP and CASB security experience, but strong preference for AWS experience
• Must have deep knowledge on AWS IAM & KMS services, in addition to all AWS security services and how the can integrate/be leveraged in an existing cloud framework 
• Knowledge of TCP/IP networking, SMTP, HTTP, load-balancers and VPC’s
• Some Experience scripting one or more of the following Python, Typescript, PowerShell, PHP, or NodeJS
• Familiar with SDLC (Software Development Life Cycle) processes - especially DevSecOps pipeline and processes
• Experience with centralizing, querying, and setting up alerts based off AWS CloudTrail, AWS Config, and VPC Flow Logs
• Familiar with enterprise cybersecurity architecture and its data collection points, as it relates to incident response and investigations (antivirus, firewalls, email gateways, DNS, web and content filtering proxies, logging infrastructure, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Security Event Information Management Systems (SEIMS), etc.)
• Experience with CSAM, Nipper, Tenable Security Center, Nessus, etc.
• Ability to analyze and understand cyber threat actor capabilities and intentions, methodologies, methods, and motives
• Ability to perform threat vector risk assessments
• Ability to interact with other staff and senior Federal employees – technical and non-technical personnel
• Ability to manage multiple tasks in a fast-paced environment
• Possess a positive and self-motivating attitude
• Excellent written, verbal, and analytical skills
• Must have, or be able to, pass a US Government Background Investigation (this is a non-cleared position)
• Must be a U.S. citizen

Additional Information 

• This is a fully remote position, you must be able to effectively work remotely with minimal direct supervision
• Client location is Silver Spring, MD (ET zone), preference given to applicants in the DMV or located in CO
• Travel may be required for key meetings/engagements (5-10%)

Benefits

• In compliance with Colorado’s Equal Pay for Equal Work Act, the salary range for this role in Colorado is $110,000 to $140,000 
• Medical, vision, dental, life, and disability coverage
• 401(k) w/ matching contribution up to 3%
• Education/professional development assistance
• Competitive PTO w/ additional company paid Holidays
• Remote office technology assistance 

About L2 Cyber Solutions

L2 Cyber Solutions is a Woman-Veteran owned small business that provides niche Cybersecurity Engineering & Consulting, Portfolio/Program/Project Management, Risk Management, and Assessment & Authorization services. We have been named a ColoradoBiz Top 100 Woman-Owned Company, and Top 250 Private Company - we recognize that these awards are made possible because of our employees. 

At L2 Cyber Solutions, we make our employment decisions based on business needs, job requirements, and individual qualifications. We are an Equal Opportunity Employer, and encourage all qualified individuals to apply.