GDIT's Cloud Platform team is looking for a Senior Cloud Security Engineer to join our team and support the National Institutes of Allergy and Infectious Diseases (NIAID).
This role will join an Agile team collaborating with engineers and developers to continuously innovating and improving security posture across a large federal AWS environment.
The ideal candidate will possess strong hands-on experience within a DevSecOps framework, infrastructure as code (terraform), and container services (ECS/Docker).
This role is fully remote, but must be within commuting distance to Rockville, MD.
Implement security tools with a focus on automating security and compliance best practices.
Build and maintain automation and integrations with security tooling and AWS security services.
Collaborate with development teams to solve complex security challenges.
Provide support with security incidents and remediation activities.
Implement CI/CD pipeline utilizing DevSecOps principles and practices to increase automation.
Create and maintain documentation playbooks and provide training to others on the team.
Support and contribute to business security requirements, such as the creation of security policies, procedures, and processes.
Participate in all team planning, product demonstrations, and team retrospectives
Serve as lead on projects and tasks
Required Qualifications and Skills:
BA/BS (or equivalent experience) and 7+ years of related IT experience
4+ years related experience with DevSecOps tools and practices, especially experience with Terraform, Docker, Github
Experience managing AWS network resources such as VPC, URL proxies, private link, DNS, ACLs, firewalls
Strong experience with AWS Services especially Security and Infrastructure
Experience with APIs and Plugins to integrate security tools into CI/CD pipelines
Strong experience with embedding security into CI/CD pipelines
Must be able to obtain/maintain a Public Trust
Must be within commuting distance to Rockville, MD
Desired Qualifications and Skills:
Experience with implementation of FISMA compliance security controls, including compliance with CIS and NIST 800-53 benchmarks.
Experience creating AWS Custom Config Rules
Development languages, and frameworks, including TypeScript, Node.js, AWS SDK, Python, and XML
Knowledge of compliance-as-code and ATO automation frameworks
Working knowledge of standard data storage formats and abstractions, including YAML, JSON, XML
Experience with database technologies, e.g. SQL, NoSQL.
About Our Work
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.