- Design implement and manage security controls for cloud infrastructure with a primary focus on Azure ensuring alignment with DoD security requirements and best practices.
- Develop and enforce security policies procedures and standards to protect cloudbased assets and data.
- Conduct security assessments and vulnerability analysis of cloud environments identifying and mitigating risks.
- Implement identity and access management (IAM) controls including multifactor authentication (MFA) rolebased access control (RBAC) and least privilege principles.
- Monitor and respond to security incidents ensuring timely resolution and documentation of all activities.
- Collaborate with cloud architects DevOps teams and developers to integrate security into the CI/CD pipeline and infrastructure as code (IaC) practices.
- Ensure compliance with federal regulations including FISMA NIST FIPS and RMF by developing and maintaining security documentation and artifacts.
- Support future project phases involving AWS by designing and implementing security measures across both Azure and AWS environments.
- Stay current with emerging threats vulnerabilities and security trends applying this knowledge to enhance the security posture of cloud environments.
- Provide guidance and training to technical teams on cloud security best practices and compliance requirements.
- Other duties as assgined.
Requirements
- Clearance Requirements:
- DoD Security Clearance of Secret or higher
- Education:
- Bachelor s degree in Computer Science Information Technology or a related field. Equivalent work experience may be considered.
- Experience:
- 7 years of experience in cybersecurity with at least 3 years focused on cloud security in Azure.
- Demonstrated experience securing cloud environments in Azure including the design and implementation of security controls in a classified DoD or FISMA High environment
- Experience working in a federal or DoD environment with a strong understanding of DoD FISMA NIST and RMF compliance requirements.
- Proven track record of managing security in complex multicloud environments.
- Skills:
- Expertise in Azure security tools and services such as Azure Security Center Azure Sentinel and Azure Policy.
- Strong knowledge of cloud security frameworks identity and access management (IAM) and encryption techniques.
- Experience with security automation and integration within CI/CD pipelines.
- Strong analytical and problemsolving skills with the ability to assess risks and implement effective mitigation strategies.
- Excellent communication skills with the ability to convey complex security concepts to technical and nontechnical stakeholders.
- Preferred Skills:
- Relevant security certifications such as Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) or Microsoft Certified: Azure Security Engineer Associate.
- Knowledge of container security including securing Kubernetes clusters and Docker containers.
- Familiarity with advanced threat detection and incident response techniques in cloud environments.
- Experience with automation tools like Terraform or Ansible for security policy enforcement.
Benefits
Job Location: Hybrid. Candidates are required to be onsite at Ft. Meade MD often.
* Competitive Salaries & Benefits to include Health Dental Vision and Retirement!
* Health Advocate & Concierge Services!
* Unlimited Job Related Training & Development!
* Employee Recognition & Incentive Programs!
* Employee Appreciation & Company Sponsored Events!
* Opportunity to work with leading edge technology!
* Community Outreach & Charity Work!
Clearance Requirements Must have active DoD Security Clearance of Secret or higher Education: Bachelor s degree in Computer Science, Information Systems, Engineering, Business or other related scientific or technical discipline Experience: 5+ years of DevSecOps experience Minimum 3 years of experience with Azure and DevSecOps environments Minimum 3 years of experience with application and operating system security Experience in Agile methodologies such as Scrum, Lean, Kanban, Scrumban Minimum 3 years of experience creating Continuous Integration/Continuous Development (CI/CD) pipelines using tools such as Jenkins, Terraform, Ansible, Docker, Helm Experience with YAML and Groovy Experience with Jira, Confluence, Bitbucket Kubernetes, Docker Jenkins, Groovy, Gitlab, Nexus SonarQube, Fortify, OSCAP, Anchore Testing frameworks such as JUnit/TestNG/Mockito Skills: Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies, and standards as well as risk-related concepts to technical and nontechnical audiences at various organizational levels Preferred Skills: Certification in one or more cloud environments (Azure or AWS) Knowledge and experience working in DoD Azure environments