AWS Cloud Security Engineer with CNAPP

Clearance Level
None
Category
Cyber and IT Risk Management
Location
Remote, Working from the USA
Key Skills For Success

AWS Cloud Computing

Cloud Computing

Cloud Security

REQ#: RQ224469
Public Trust: BI Full 6C (T4)
Requisition Type: Regular
Your Impact

Own your opportunity to support the missions that matter. From working with technologies like AI, cyber and cloud to careers in intelligence and health, we offer endless opportunities to apply your expertise to create a safer, smarter world while building new skills to propel your career forward.

Job Description

The AWS Cloud Security Engineer will work as part of an agile development team to build and support the modernization of enterprise-class software applications utilizing judiciary frameworks. They will provide advanced technical expertise in securing AWS cloud environments through continuous vulnerability management, Cloud-Native Application Protection Platform (CNAPP) operations, threat detection, compliance monitoring, and cloud security engineering. This role supports enterprise cloud modernization initiatives operating within a FedRAMP High and Zero Trust Architecture (ZTA) environment by implementing and maintaining cloud-native security capabilities across AWS infrastructure, containerized workloads, storage platforms, cloud services, and enterprise applications. Security platforms utilized include Wiz, Splunk, New Relic, IriusRisk, and TestifySec.

KEY RESPONSIBILITIES:

  • Implement, configure, and manage CNAPP capabilities across AWS cloud environments supporting FedRAMP High compliance requirements.
  • Configure and maintain AWS-native security services.
  • Implement and monitor Cloud Security Posture Management (CSPM), Cloud Infrastructure Entitlement Management (CIEM), workload protection, runtime security, vulnerability management, attack-path analysis, encryption controls, network segmentation, backup/recovery protections, and continuous compliance monitoring capabilities.
  • Monitor and analyze Wiz vulnerabilities, Splunk alerts, AWS security findings, SIEM events, runtime alerts, and New Relic dashboards to identify threats, validate remediation efforts, and support continuous cloud security operations and incident response activities.
  • Implement and validate security baselines, policy enforcement mechanisms, encryption standards, workload isolation controls, secrets protection, secure storage configurations, and least-privilege access controls aligned with Zero Trust principles.
  • Integrate CNAPP tooling with SIEM, logging, monitoring, alerting, automated remediation, and incident response platforms to support centralized cloud security operations.
  • Support continuous ATO activities by developing and maintaining SSPs, security implementation procedures, SOPs, mitigation plans, technical runbooks, automated remediation playbooks, audit evidence, POA&M documentation, and operational security documentation supporting FedRAMP, NIST 800-53, FISMA, and Judiciary security requirements.

REQUIREMENTS

Required Education & Experience: Technical Training, Certification(s) or Degree and 10+ years of general experience in information systems required

Preferred Education & Experience: Additional education and/or experience are strongly preferred in the following combinations:

  • HS Diploma & 16+ Years Experience
  • AA/AS & 14+ Years Experience
  • BA/BS & 12+ years Experience
  • MA/MS & 10+ Years Experience
  • Doctorate Degree/Ph.D. & 9+ Years Experience (may subtract 1 year from required experience with Doctorate Degree)

Required Skills:

  • 7+ years of cybersecurity experience with at least 4+ years focused on AWS cloud security and CNAPP technologies.
  • Hands-on experience implementing and operating Wiz and AWS-native CNAPP/security services in enterprise cloud environments.
  • Strong experience with CSPM, CIEM, workload protection, runtime security, vulnerability management, cloud compliance monitoring, and cloud attack-path analysis.
  • Strong understanding of Zero Trust Architecture (ZTA), FedRAMP High, NIST 800-53, FISMA, CIS Benchmarks, and cloud security best practices.
  • Experience supporting vulnerability remediation, incident response, compliance assessments, and continuous monitoring activities in regulated cloud environments.
  • Ability to support after-hours vulnerability scanning, incident response, and critical security remediation activities as required.

Preferred Certifications:

  • AWS Certified Security - Specialty
  • Certified Kubernetes Security Specialist
  • AWS Certified Solutions Architect - Professional


Security Clearance Level: Ability to pass a background check to obtain and maintain a position of Public Trust with the Administrative Office of the US Courts
 

Must be a US Person (Green Card Holder, US Permanent Resident Alien, Refugee, Asylee, US Citizen)


Location: Remote

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

  • Growth: AI-powered career tool that identifies career steps and learning opportunities
  • Support: An internal mobility team focused on helping you achieve your career goals
  • Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
  • Community: Award-winning culture of innovation and a military-friendly workplace


OWN YOUR OPPORTUNITY
Explore an enterprise IT career at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your desire to drive operations forward.

#GDITLA

Work Requirements

Years of Experience

10 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

AWS Certified Security - Specialty | Amazon Web Services (AWS) - Amazon Web Services (AWS)

Certified Kubernetes Security Specialist (CKS) | Cloud Native Computing Foundation (CNCF) - Cloud Native Computing Foundation (CNCF)

AWS Certified Solutions Architect - Professional | Amazon Web Services (AWS) - Amazon Web Services (AWS)

Travel Required

Less than 10%

Salary and Benefit Information

The likely salary range for this position is $149,469 - $195,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
View information about benefits and our total rewards program.

Our Identity Verification Process

As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during virtual interviews. We reserve the right to take your picture to verify your identity and prevent fraud. By proceeding, you authorize the collection, processing, and use of your biometric data for identity verification and security purposes.

About Our Work

We are GDIT. A global technology and professional services company that delivers technology solutions and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50+ countries worldwide, offering leading mission-ready capabilities in AI, cloud, cyber and software development.

Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans