Key Responsibilities

• Continuously monitor cloud environments for security threats, vulnerabilities, and anomalies using security information and event management (SIEM) tools.

• Investigate and respond to security incidents, including detailed analysis, containment, eradication, and recovery efforts. Prioritize, recommend, and implement mitigations for identified risks.

• Coordinate incident reporting and documentation for stakeholders and regulatory compliance.

• Collaborate with cloud engineers, DevOps teams, and client stakeholders to design, implement, and manage robust security solutions tailored to modern cloud architectures.

• Conduct regular vulnerability assessments and penetration testing in cloud environments (AWS, Azure, GCP, etc.).

• Ensure compliance with security policies, regulations, and industry best practices (e.g., ISO 27001, NIST CSF).

• Support secure configuration and deployment of cloud-based workloads, infrastructure, and platforms. Review and enhance security configurations across multi-cloud platforms.

• Collaborate with engineering teams to implement Identity and Access Management (IAM), encryption, and network segmentation.

• Ensure adherence to data privacy laws, industry standards, and contractual obligations for cloud services.

• Assist in audits and certifications by providing evidence and resolving non-conformities.

• Develop, review, and maintain security policies, procedures, and guidelines for cloud environments.

• Propose innovative solutions to improve the security and efficiency of cloud services.

• Work closely with delivery teams, ensuring that cloud services are delivered securely and aligned with contract expectations.

• Provide detailed reports to management and clients on security performance metrics, incident post-mortems, and improvement plans.

Qualifications

• Bachelor’s degree in Computer Science, Information Security, or related field.

• 5 years of experience in cybersecurity, with at least 3 years focused on cloud security and with security tools and technologies (e.g., firewalls, IDS/IPS, vulnerability scanners, SIEM).

• 3 years of experience in securing cloud platforms like AWS, Azure, or Google Cloud Platform.

• Must be an AWS Certified Security Specialty, Azure Security Engineer,

• Must be certified as CompTIA Security+, CISSP, CISM, or equivalent.

• Must be a US citizen or Green Card holder

• Must live a commutable distance from Bethesda, MD