Seeking a remote Cloud Security Specialist. The candidate will support the National Oceanic and Atmospheric Administration's (NOAA) Cloud and National Environmental Satellite, Data, and Information Service (NESDIS) initiatives. These strategic cloud initiatives intend to increase the bureau's IT efficiency, improve IT delivery, and reduce costs. Work with teams that are rapidly delivering value to their customers, leveraging Agile SAFe frameworks, Lean, and Kanban workflows.  

Experience Needed: 

• Preferred Certification: At least one of the following: Certificate of Cloud Security Knowledge (CCSK), CompTIA Cloud+, Certified Cloud Security Professional (CCSP), and/or AWS Solution Architect -Associate, AWS System Administrator-Associate, or AWS Certified Security - Specialty.

• At least four years' experience securing computer systems, performing accreditation activities, and/or writing system security plans (SSP), standard operating procedures (SOP), and security impact analysis (SIA). 

• Experience with infrastructure as code (IaC), and writing basic to moderate automation scripts for developer security operations.

• Broad cloud security knowledge around the following domains: data protection, identity access management (IAM), incident response, logging and monitoring, and network security. 

• Demonstrate use and understanding of security technologies such as Security Incident and Event Management (SIEM), and Endpoint Detection and Response (EDR)

• Experience working with Cloud Service Providers (CSPs), including AWS, Microsoft Azure, and Google Cloud Platforms

• Experience with the Risk Management Framework (RMF), NIST 800-53, & DISA STIGs; eMASS tools; securing a container environments; vulnerability management tools such as NESSUS and Prisma cloud compute

• Understanding of Agile Methodologies and tools i.e  JIRA preferred.

• Strong understanding of cloud computing technologies, SDLC, DevSecOps, IT business drivers, and emerging computing trends and technologies.

• Maturity and communications skills to interface with customers and end-users.

• Pass a US Government Background Investigation

• Excellent written, verbal, and analytical skills

   

  Duties/Responsibilities:  

• Proactively identify and review the security posture of NOAA's cloud environments to enhance  the overall security posture of the environment, accounts, applications.

• Recommend and implement configuration standards to ensure the safety and security of the environment, accounts, applications, and data; and to enable effective automated security monitoring.

• Liaise with engineering teams, and integrate into the DevOps process, to ensure security implications are considered early in the process and implemented at appropriate times.

• Act as a Subject-Matter Expert on Cloud Best Practices for all areas of the business, providing guidance and support as needed.

• Ability to demonstrate subject matter expertise on the 

• Support the audit process by preparing and producing evidence of effective control operations as part of continuous monitoring and ATO process.

• Ensure controls are implemented effectively.

• With a particular focus on cloud environments and tools, monitor alerts, detections, or other indicators of compromise/attack from information security solutions, including but not limited to:

• End-point Detection and Response Agents

• Monitor security platforms’ health for errors, misconfigurations, or performance alerts.

• Support response and investigation efforts into all security events and perform root cause analysis.

• Work collaboratively with other segments of the federal customer IT division to ensure end-customer success.

• Provides technical expertise in diagnosing and resolving issues, including determining and providing workaround solutions or escalation to owners.

• Troubleshoot an application at scale in the cloud.

• Basic knowledge of TCP, IP, HTTP and basic application architecture

• Proficient use of Linux, MacOS, and Windows Operating System tools (such as curl, wget, nslookup, etc.)

• Operating and maintaining tools across Cloud security technology stack (CSPM, CWPP, SASE, CASB, CIEM, Cloud native features like GuardDuty, AWS Config, Amazon Inspector, etc.)

• Education Requirements:   BS or higher in a technology-related field (Comp. Sci., IT, Info Security, Info Systems). MS is a plus.

ABOUT GAMA-1

GAMA-1 is a rapidly growing technology business that is based in Greenbelt, Maryland. GAMA-1 Technologies provides strategic information assurance, information security, and business enterprise and networking solutions to the Federal Government. Our success is based on the utilization of industry and agency standards, establishment of standardized processes, and IT Services expertise. At GAMA-1, we believe employees should grow, achieve, and develop just as the company grows, achieves, and develops. GAMA-1 is committed to providing our employees with opportunities for career advancement throughout their employment. For more information, visit www.gama1tech.com

GAMA-1 is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Powered by JazzHR