Allyon, Inc. is an established IT and Healthcare Services firm and we love what we do! It makes our day when we are able to help talented individuals achieve their career goals while at the same time helping our clients build quality teams. If you are interested in joining the Allyon Team, please apply or submit your resume for review today!
Job Title:
Senior Cyber Security Cloud Engineer
Location:
Remote
Duties & Key Responsibilities:
Design security architectures; recommend integration of new architectural features into existing infrastructures; design cybersecurity architectural artifacts; provide architectural analysis of cybersecurity features and relate existing system to future needs and trends; provide engineering recommendations and resolve integration and testing issues.
Apply a combination of expert engineering knowledge of enterprise IT and security solutions to design, develop or review proposed solutions to ensure they are consistent with enterprise architecture security policies and support full spectrum military cyberspace operations.
Design and develops new or reviews proposed security control design and solution planning at the system, mission, and enterprise level, security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE support functions. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
Perform assessments of RMF artifacts and identify where those artifacts deviate from RMF control requirements.
Review and ensure strict program control processes to ensure mitigation of risks and support obtaining assessment and authorization of systems. Includes support of process, analysis, coordination, control certification test, compliance documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
Develops technical solutions to complex problems which require the regular use of ingenuity and creativity.
Guides the successful completion of major programs. Erroneous decisions or recommendations would typically result in failure to achieve major organizational objectives.
Represents Engineering as the Cyber technical contact on engineering and architecture projects. Interacts with senior external personnel on significant technical matters often requiring coordination between organizations.
Work with the government to implement and evolve phased ATO process for the environment using A&A automation and maximize the use of inheritance/reciprocity
Develop approaches support strong authentication and multi-factor authentication to implement data access authorization based on user identity
Evaluate and provide recommendation methods of verification of the applicable DISA STIG, SRGs, and best practices
Provide Tier 3 Cyber Security Service Provider (CSSP) support, as well as interface with and meet requirements of the Tier 2 CSSP support providers
Ability to provide timely remediation recommendations for audit findings
Ability to support POA&M reviews and recommendations
Ability to support Code Review Security Vulnerabilities Remediation
Ability to support the updates to Risk Management Framework Artifacts
Minimum Requirements:
Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience; PhD or JD and four (4) years or more experience. In lieu of a degree additional years of experience will be considered
Secret Clearance
Minimum Information Assurance System Architecture and Engineering (IASAE) Level III certified IAW DoD 8570.01M replaced by DoDD 8140
Compliant with DoD and USAF training requirements in DoDD 8570.01, DoD 8570.01-M, and AFMAN 17-1303.
Knowledge of DoD Policies and procedures including DoD 8500.01 and DoD 8510.01
Experience with DoD suite of security tools including Assured Compliance Assessment Solution (ACAS) Experience (Nessus / Tenable Security Center)
Experience evaluating STIG/SCAP compliance scanning and implementation
5+ years of experience as a Cyber Cloud Engineer supporting cloud environments - preferably AWS and Azure
Experience evaluating and configuring AWS and Azure Security Services
Experience with Risk Management Framework (RMF) and updating of security artifacts
Experience with compliance verification methods including DISA STIG, SRGs, and best practices
Experience with DevSecOps
Knowledge of the DoD suite of security tools including HBSS, and eMASS
Knowledge of cloud environments provided by AWS, Azure, OCI or GCP
Working knowledge of Microsoft Office Suite including Microsoft Visio
What we Offer:
• Competitive pay and benefits
• 401k eligibility after 6 months, including company match
Allyon, Inc. is an equal employment opportunities (EEO) employer and terms of employment are without regard to race, color, religion, sex, national origin, age, disability, or genetics. Allyon, Inc. complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment.