Job Family:
IT Cyber Security
Travel Required:
Up to 10%
Clearance Required:
Ability to Obtain Public Trust
What You Will Do:
- We are seeking an experienced AWS Security engineer to design, implement and maintain security controls across AWS cloud environments.
- This role will focus on safeguarding cloud workloads, ensuring compliance with industry standards, and driving leading/best practices in identity management, monitoring, and threat detection.
- The ideal candidate is hands-on with AWS security services, has deep knowledge of cloud security frameworks, and can partner with engineering and operations teams to embed security into the system.
- Design and implement secure architecture within AWS using services such as IAM, KMS, CloudTrail, Config, and third-party tools/services
- Implement and manage centralized logging, monitoring, audit monitoring, incident triage and alerting solutions. Conduct threat modeling, vulnerability scanning, and penetration testing.
- Compare the system environment with applicable security requirements (CIS Benchmarks, NIST, HIPAA, FedRAMP, SOC 2, etc.) and chart a path towards compliance.
- Support incident detection, investigation and response within AWS workloads. Maintain and monitor audit trails across accounts and services. Work with compliance and risk teams to align security with regulatory requirements.
- Maintain security control documentation
- Support Disaster Recovery/Continuity of Operations (DR/COOP) tests
- Support audits and other compliance related requests
What You Will Need:
- US Citizenship is required.
- Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse. Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred.
- Bachelor’s degree from an accredited university.
- Minimum of TWO (2)+ years of relevant work experience.
- Experience in cloud security or cybersecurity roles focused on AWS security.
- Expertise in AWS core services (EC2, S3, RDS, Lambda, ECS/EKS, CloudFront, Route 53, IAM, etc.)
- Knowledge of CI/CD pipelines, GitHub Actions audit, CodeBuild job review, artifact migration, secrets verification, deployment dry runs, rollback prep, cutover support.
- Knowledge of tax processing, tax compliance, case management, and taxpayer data is highly preferred.
- Experience in organizing, directing, and managing multiple, complex, and interrelated application development and testing tasks.
- Experienced in the following:
  - Monitoring AWS/Databricks telemetry by leveraging AWS tools (GuardDuty) or third-party monitoring tools selected by the client
  - Managing access, including granting and removing access, supporting integration with an IGA solution, and identifying stale accounts
  - Rotating keys/certificates by leveraging KMS (AWS tool)
  - Enforcing encryption for data in transit and at rest
  - Generating or supporting the generation of information for access entitlement
  - Tracking and remediating vulnerabilities / Plans of Action and Milestones (POA&Ms)
- The individuals should be responsible for technical quality and coordination with government technical leads throughout information technology (IT) and shall be available during normal hours of operation.
- Proven ability to work autonomously and collaborate, mentor, help, and support other team members, as needed to solve complex operational and reliability problems.
- Strong development background in Python, Bash or similar
What Would Be Nice To Have:
- AWS Certified Security – Specialty (Highly desirable).
- Advanced Cloud and/or advanced Databricks certifications in good standing at the time of contract award and throughout the period of performance are highly preferred.
- AWS Certified Solutions Architect or DevOps Engineer certifications.
- CISSP, CISM or GIAC certifications.
The annual salary range for this position is $74,000.00-$124,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
- Medical, Rx, Dental & Vision Insurance
- Personal and Family Sick Time & Company Paid Holidays
- Parental Leave
- 401(k) Retirement Plan
- Group Term Life and Travel Assistance
- Voluntary Life and AD&D Insurance
- Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
- Transit and Parking Commuter Benefits
- Short-Term & Long-Term Disability
- Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
- Employee Referral Program
- Corporate Sponsored Events & Community Outreach
- Care.com annual membership
- Employee Assistance Program
- Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
- Position may be eligible for a discretionary variable incentive bonus