Cloud Security Engineer (R-00123) at Truezerotech

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that said outcomes begin and end with our people, and that is what we have built, a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top tier services to our customers. In 2023, True Zero was recognized as a “Best Places to Work” in two categories ("Prosperous and Thriving" ($5MM – $50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)) and in 2022, was recognized as one of Inc. Magazine’s Top 5000 Fastest Growing Companies. As a Cloud Security Engineer you will provide technical expertise to plan, analyze, define, and support the secure delivery of future functional and technical capabilities for applications leveraging an evolving, security focused cloud-based architecture. Guide the continuous review and improvement process for existing components and their security integrations. Assist in facilitating technical solution and design discussions, complete proof of concepts, and develop non-functional requirements. Manage creation and quality of deliverables. Develop processes to ensure successful operations and management applications within the cloud. Integrate into all aspects of Security Operations to enable resilient and holistic cloud-focused mission achievement. Qualification Requirements • Perform in a SME cloud security engineering role responsible for the design, configuration, testing, and deployment, of cloud provider services such as AWS, Azure, Oracle, etc. and cloud-based services such as Office 365 • Apply knowledge of the latest trends in the cloud security engineering industry • Provide input to programs throughout the lifecycle to ensure systems meets Risk Management Framework standards • Leverage and optimize system automation technologies and configuration management technologies such as Saltstack, Chef, Puppet, Ansible, Terraform, CloudFormation or others to create standardized IT environments • Work with Solution Architects and Security Architects to conduct Proof of Concepts (POCs), and assist in production implementations • Execute periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external web integrity scans to determine compliance • Provide targeted oversight and security tool integration for a host of security products and domains, spanning both enterprise grade network and endpoints. • Demonstrate experience with network and infrastructure design and build • Possess proficiency with scripting languages including Python, Perl, Unix/Linux Shell, PowerShell, etc. • Participate in special projects as required to include technology evaluations and produce Analysis of Alternatives (AoA) and provide Cloud Security SME recommendations • Assist the customer to design, implement, and document the security controls of the system to enable the agency to achieve initial authorization • Support the iterations of new capabilities and cloud services via change management and continuous monitoring • Assist customer in leveraging the security controls provided so they can rapidly deploy their applications Position Requirements • BA or BS degree, or at least 4 years of experience in related field • Excellent communication skills, verbal and written, with ability to influence and collaborate with leadership, peers, and team members • Approved to work in the United States • Ability to work well in a team environment • Extensive hands-on experience with cloud architecture/engineering, services, migration, and security to include FedRAMP IaaS, PaaS, and SaaS offerings • Experience with Cloud-based Computer Network Defense (CND) • Experience with cloud automation and scripting (Auto-scale, Azure Resource management, Scripting, PowerShell) • Experience with A&A practices and processes under Risk Management Framework (RMF) and implementing NIST 800-53 security controls for U.S. Government networks and applications • AWS/Azure certification(s) preferred • Active clearance, or ability and willingness to submit for a clearance/BI process We’re actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy: - Competitive salary, paid twice per month - Best in class medical coverage - 100% of medical premiums covered by True Zero - Company wide new business incentive programs - Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.) - 3 weeks of PTO starting + 11 Paid Holidays Annually - 401k Program with 100% company match on the first 4% - Monthly reimbursement of Cell Phone and Home Internet costs - Paternity/Maternity Leave - Investment in training and certifications to broaden and deepen your technical skills