Cloud Security Architect - Government Contract
Apply NowCompany: DSN
Location: Bethesda, MD 20817
Description:
Cloud Security Architect - Government Contract
REMOTE, expected to change to Hybrid, DC area candidates only!
Responsibilities
Laurie Roth
President/Sr. Consultant
DSN-IT
www.dsn-it.com
https://www.linkedin.com/in/laurie-jane-roth-084769/
REMOTE, expected to change to Hybrid, DC area candidates only!
Responsibilities
- Design, develop, and implement secure and compliant cloud architectures on AWS, adhering to FISMA and FedRAMP security controls
- Conduct threat modeling and security assessments of cloud deployments to identify and mitigate vulnerabilities
- Select and configure appropriate AWS security services like IAM, KMS, Security Groups, WAF, and CloudTrail to meet compliance requirements
- Implement data encryption strategies at rest and in transit, ensuring data protection aligns with FISMA and FedRAMP guidelines
- Integrate enterprise security solutions (e.g. Splunk, Tenable, etc) for cloud security monitoring and incident response
- Automate security configurations and enforce security best practices through infrastructure as code (IaC) tools, ensuring compliance automation
- Develop and implement incident response plans for cloud security threats, aligned with FISMA and FedRAMP incident reporting procedures
- Stay up to date on the latest AWS security features, vulnerabilities, and compliance updates for FISMA and FedRAMP
- Provide security guidance and expertise to developers, operations teams, and other stakeholders, fostering a culture of security awareness
- Develops security requirements for applications migrating from on-prem implementations to the cloud
- Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience)
- 8+ years of experience in information security, with a minimum of 3 years focused on cloud security
- Proven experience designing and implementing secure cloud architectures on AWS, with a strong understanding of FISMA and FedRAMP compliance frameworks
- In-depth knowledge of AWS security best practices, compliance frameworks (e.g., PCI-DSS, HIPAA), and the ability to map them to FISMA and FedRAMP controls
- Experience with cloud security tools like IAM roles, KMS encryption, Security Groups, WAF, CloudTrail, and Config
- Experience with security automation tools, infrastructure as code (IaC) methodologies, and compliance automation
- Excellent communication, collaboration, and problem-solving skills
- AWS Certified Security - Specialty certification
- Experience with cloud security posture management (CSPM) tools
- Experience with security incident and event management (SIEM) solutions
- Experience with cloud workload protection platforms (CWPP)
- Experience with container security (Docker & Kubernetes)
Laurie Roth
President/Sr. Consultant
DSN-IT
www.dsn-it.com
https://www.linkedin.com/in/laurie-jane-roth-084769/