H2 Performance Consulting

Cloud Information Systems Security Engineer, ISSE

H2 Performance Consulting

full-time

Posted on:

Origin:  • 🇺🇸 United States • District of Columbia, Washington

Visit company website
AI Apply
Apply

Job Level

Mid-LevelSenior

Tech Stack

AWSCloudCyber SecurityITSMSplunkTerraform

About the role

  • Join AWS-based cloud operations team working with AWS DSO Cloud Engineers and ITSM Analysts/Developers to secure cloud environments.
  • Develop and maintain a comprehensive cybersecurity architecture for AWS cloud environments aligned with DoD Instruction 8510.01 and Navy RMF Process Guide.
  • Lead creation, review, and maintenance of authorization artifacts including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POAMs) in eMASS.
  • Conduct NIST 800-53 control assessments, technical security testing, and vulnerability scans using ACAS, STIGs, and AWS-native security services to support ATO processes.
  • Manage authorization maintenance activities: annual security reviews, POAM updates, and compliance with ATO stipulations across IaaS, PaaS, and SaaS.
  • Collaborate with cloud engineers to perform security impact analyses for system changes and secure integration of IaC and DevSecOps pipelines.
  • Use Amazon GuardDuty, CloudWatch, AWS Security Hub, CloudTrail, and Splunk for event monitoring, log analysis, and incident response.
  • Establish and maintain inheritance profiles with AWS Cloud Service Providers to streamline compliance and reduce assessment overhead.
  • Support cybersecurity processes including CCRI, Web Risk Assessments, and audits by providing documentation and remediation plans.
  • Integrate security findings into Remedy workflows with ITSM Analyst/Developer team for incident and problem management.
  • Implement and manage security tools like Trellix, Invicti, and Anchore to identify vulnerabilities and ensure STIG compliance.
  • Provide technical guidance on interpreting ACAS and STIG results and recommend improvements to processes, policies, and tools.
  • Document security configurations, processes, and lessons learned; participate in Agile processes and engage with the Cloud Center of Excellence.

Requirements

  • Minimum of 4 years of experience in cybersecurity, with at least 2 years focused on cloud security engineering in AWS or similar cloud environments.
  • Proven expertise in achieving and maintaining DoD cloud authorizations under RMF, including artifact development and eMASS management.
  • Hands-on experience with NIST 800-53 control assessments, ACAS scanning, and STIG compliance in cloud environments.
  • Proficiency in using AWS security tools (e.g., AWS Security Hub, Amazon GuardDuty) and Splunk for event monitoring and log analysis.
  • Familiarity with Infrastructure-as-Code (IaC) tools like Terraform or Bicep and their security implications in cloud deployments.
  • Knowledge of DoD cybersecurity standards (e.g., NIST 800-53, DoD STIGs) and their application in cloud environments.
  • Experience with security tools such as Trellix, Invicti, or Anchore for vulnerability management.
  • Strong understanding of AWS services, including compute, storage, networking, and identity management, from a security perspective.
  • Minimum SECRET clearance and a DoD 8570 IAM Level II certification (e.g., CISSP, CAP, or Security+ with relevant CE).
  • Ability to work independently, prioritize tasks, and meet deadlines in a fast-paced environment.
  • Excellent critical thinking, problem-solving, and communication skills for collaborating with technical and non-technical stakeholders.
  • Proficiency in Microsoft Office applications (Word, Excel, PowerPoint, Outlook) for documentation and reporting.
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (or equivalent experience).
  • Preferred: Experience in operational IT roles within DoD environments; familiarity with DevSecOps and GitHub Advanced Security tools; hands-on Remedy experience; AWS security certifications; multi-cloud experience; knowledge of DoD enterprise architectures and cloud migration/security processes.