Cloud Engineer
ECS Corporate Services

Job Info

---

ECS is seeking a Cloud Engineer to work in our Seaside, CA office. Please Note: This position is contingent upon additional funding.

Job Description:

• Apply specialized knowledge of container security and orchestration to develop security solutions in multi-cloud environments to protect our client's sensitive information
• Directly perform architecture, engineering and analyst duties. Provide surge support when the assigned analyst and engineer need to meet daily operations objectives
• Build and support integrated solutions
• Collaborate with other engineers, product managers and customers to shape, build and improve features and engineering tools
• Create reusable components that make it easier to build consistent and high-quality user experiences
• Own cyber areas of the product and lead their implementation
• Evaluate and implement third-party cloud security and compliance tools
• Support DevSecOPS integration
• Provide Cloud Security support across the DHRA enterprise
• Provide security compliant architecture, solutions and engineering support for cloud migrations
• Accounts: Manage, implement and report on cloud container privilege accounts
• Design, build and maintain UI functionality from sophisticated dashboards to context-aware user flows
• Collaborate with leadership to develop metrics based on enterprise situational awareness and monitoring
• Track, measure and evaluate security compliance across the enterprise
• Prepare and present weekly presentation status slides
• Create and maintain SOPs, TTPs, Topology Diagrams, Information Flow Diagrams, and SPARXs documentation
• Develop SOP for integration of new applications into DHRA containerized environments
• Develop standards and guidelines for cloud development, integrations and operations
• Improve engineering standards, tooling, and processes
• Create, maintain all eMASS package artifacts
• Ensure compliance with NIST 800-53 controls and STIG/Vulnerability compliance
• Identify risks and collaborate to remediate risks
• Develop as is models and future state models, as well as technology roadmaps
• Recommend long-term and strategic advancements
• Advise customers on how to best leverage cloud container solutions, such as StackRox to secure their Kubernetes environments
• Perform Baseline Image validation of new container template images.
• Validate all unnecessary packages have been removed from image and STIGs have been applied to image.
• Manage container segmentation polices, and identify policy violations
• Validate at a minimum the logs list below are being collected and reviewed: - docker daemon - /var/lib/docker - /etc/docker - docker.services - docker.socket - /etc/default/docker - /etc/docker/daemon.json - /etc/sysconfig/docker - /usr/bin/containerd - /usr/sbin/runc
• Perform Vulnerability scans on container environment and collate results for remediation by container management group
• Ensure that Malware and Threat prevention functionality is enable on container host, environment, and segments
• Ensure modules are in place for on the fly incident response and digital forensics
• Integrate tool logs with both DHRA Logging solution and CSSP Logging Solution
• Provide as part of the weekly Scanning and Monitoring report the following information pertaining to Container Security:
  • Changes to network segments being monitored; new application being integrated into container security tool; list of newly approved container baseline images; list of unmanaged container; identify obstacles and remediation actions necessary for successful log management operations.

Salary Range: $150,000 - $190,000

Required Skills:

• Must be a US citizen, possess a DoD Top Secret clearance: Minimum vetting Tier 5(T5)-Single Scope Background Investigation (SSBI)
• Active DoD 8570 IAT Level 2 or 3 certification for compliance, including at least one of the following certifications in good standing: CISSP, CCSP, CCNA Security, CySA+, GICSP, GSEC, Security+, CND, or SSCP
• Bachelor's degree and 10+ years of Information Technology or Cybersecurity related experience
• Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders
• Capacity to thrive in a complex, fast paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions
• Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk
• Knowledge of DoD cybersecurity policies, practices, and requirements
• Strong organizational skills
• May be required to travel, as requested by the Prime and or Government client

Desired Skills:

• Prior StackRoxs experience
• DevSecOps knowledge and experience
• Hands-on experience in scripting such as PowerShell, Python, or Bash and configuration automation tools, such as Ansible, Puppet or Chef.
• Experience in an enterprise environment (1500 servers plus 2500 workstations)
• Strong technical writing skills
• CISSP, CASP, CEH

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.

General Description of Benefits

This job has expired.