Steampunk wants you to join our team as a Cloud Security Engineer to support the design and implementation of mission systems improvements and modernization for a federal client. This includes the documentation of the security strategy, planning, and architecture, which will lead to the eventual build-out of the solution. This position shall conduct the activities needed to define, design, prototype, and obtain a Continuous ATO (Authority-to-Operate) for the JCF (Joint Common Foundation) Platforms
You will be a reliable engineer who can architect and deliver. This is a fast paced cutting edge environment for Security and engineering.
- Develop a JCF Platform Continuous ATO Plan that will define the overall strategy and plan for achieving a Continuous ATO for the JCF Platform and its associated factories.
- Develop the necessary Risk Management Framework (RMF) artifacts required
- Develop the necessary RMF artifacts required to obtain the Continuous ATO
- Provision, operate, and maintain the required in-stances of the JCF Platform, Factories, and associated pipelines in the cloud environment that are needed to support obtaining the JCF ATO.
- Assist the team in obtaining a Continuous ATO
- Assist the team in operating and maintaining the JCF Platform, associated factories and associated pipelines
- Plan and manage agile software development processes required to accomplish the software development work defined in this subtask.
- Minimum of 5 years’ hands on information technology implementation experience in security engineering with specific emphasis on cloud security
- Bachelor’s Degree in computer science, information systems, or equivalent (Additional work experience may substitute)
- Understand architectural development for cloud automated frameworks for Security Tool deployment and development, leveraging various scripting languages and open source solutions
- Understand architectural, design and implement monitor security measures related to computer networks and software testing and validation procedures, programming and documentation (Cloud Security, Application Security, Vulnerability Management)
- Understand cloud security plans that implement systems and procedures to effectively secure information, infrastructure, intellectual property, and users against accidental or unauthorized modification, destruction or disclosure.
- Work autonomously in an area of specialization to analyze internal security and provide relevant information to internal and external customers, suppliers, and partners.
- Understand and interpret cloud services that are offered on a platform, to include 3rd party services
- Assist with the implementation of monitoring capabilities for various audiences – developers, business owners, security, and infrastructure; analyze all platform level, network changes and monitor impact and provide appropriate technical solutions to resolve issues efficiently; evaluate and document operating baseline according to required standards.