Nightwing is supporting a U.S. Government customer to provide rapid deployment and management of secure cloud-based engagement kits for cyber incident response and threat hunting operations. As part of the Engagement Support Services (ESS) contract, this program enables analysts to quickly access the tools and environments they need to investigate cyber threats affecting federal agencies, state and local governments, and critical infrastructure. Working on this team means directly supporting the nation's cybersecurity defenders by ensuring they have reliable, scalable, and secure cloud infrastructure available within hours of a cyber incident-helping protect America's digital infrastructure when it matters most.
The Information Security Engineer will ensure the security, compliance, and resilience of Bespin cloud engagement kits throughout their lifecycle. This position is responsible for implementing security controls, conducting continuous monitoring, managing vulnerabilities, and ensuring adherence to federal security requirements and best practices.
Responsibilities:- Implement and maintain security controls for cloud engagement infrastructure
- Enforce encryption standards (TLS 1.2/1.3) and hardened cloud configurations
- Conduct continuous security monitoring and threat detection
- Manage vulnerability assessment and remediation processes
- Implement namespace obfuscation and data protection measures
- Ensure compliance with federal security frameworks (NIST, FedRAMP, etc.)
- Conduct security reviews of engagement kit configurations and deployments
- Coordinate incident response activities related to security events
- Develop and maintain security documentation and standard operating procedures
- Perform security assessments of third-party cloud services and dependencies
- Implement and manage identity and access management controls
- Monitor for and respond to potential security incidents or anomalies
- Support security aspects of engagement kit decommissioning and data sanitization
- Provide security guidance and training to operations teams
Required Skills: - Must have an active TS/SCI clearance
- Must be able to obtain DHS Suitability
- 5+ years of experience in information security, preferably in cloud environments
- Strong knowledge of AWS security services and best practices
- Experience with security monitoring and SIEM tools
- Understanding of encryption, PKI, and data protection technologies
- Knowledge of federal security compliance requirements (FISMA, FedRAMP, NIST 800-53)
- Experience with AWS EC2/S3/VPC deployment and configuration, Cloudtrail, Cloudwatch, AWS Security Hub
- Experience with Nmap, Nessus, Splunk Administration/Configuration
- Linux/Unix System Administration (Alma9, RHEL, CentOS, Ubuntu from most to least)
- Experience/knowledge with NIST, STIG, ATO, SOC, or system hardening experience
- Experience with vulnerability management and penetration testing
- Strong understanding of network security principles
- Experience with security automation and scripting
- Relevant security certifications (CISSP, Security+, CCSP, or similar)
Desired Skills: - Experience supporting incident response or threat hunting operations
- Knowledge of container and Kubernetes security
- Experience with infrastructure-as-code security scanning
- Familiarity with STIG implementation and compliance automation
- Background in forensics or malware analysis
- Experience with cloud security posture management tools
- Knowledge of DevSecOps practices and tools
Required Education: - Bachelor's degree in Cybersecurity, Computer Science, or related field, or High School diploma and 7+ years of directly relevant experience
Desired Certifications: - AWS Certified Security - Specialty
Syndeo: ESS-3416
