Senior Cloud Security Engineer
United States of America
Full Time
2 weeks ago
$147,000 - $199,000 USD
H1B Sponsor Likely
Key skills
PythonGoAIMachine LearningPandasDatabricksAWSAzureGoogle CloudTerraformKubernetesDockerAnsibleEKSAKSGKECloudFormationGlueOAuthSAMLGitOpsService MeshCI/CDOWASPCloud SecurityWAFFirewall
About this role
General Dynamics Information Technology is a global technology and professional services company that delivers consulting, technology, and mission services to various U.S. government agencies. They are seeking a Senior Cloud Security Engineer to implement technical strategies for securing a hybrid ecosystem and to ensure a high-quality security posture through automated compliance assessments and proactive threat detection.
Responsibilities:
- Design and implement automated compliance assessments to enforce hardening standards (CIS, NIST) across cloud accounts and on-premises virtualized environments
- Architect and maintain the security of our sprawling asset inventory
- Implement data-at-rest and data-in-transit encryption strategies that span from physical data center servers to cloud-native storage
- Develop and secure the "Identity Fabric" linking 600k+ employees and millions of commercial customers
- Collaborate with Fraud teams to integrate signals from SIEM and Databricks to detect and block malicious account activity
- Build and manage secure connectivity (Transit Gateways, Service Mesh) between on-premises hypervisors and multi-cloud environments, ensuring consistent policy enforcement
- Partner with the SOC to develop high-fidelity detection logic
- Build SOAR playbooks that automate the isolation of compromised cloud workloads or on-premises VMs
- Support ongoing "Purple Team" exercises and control testing to validate that security tools (EDR, WAF, DLP) are performing as intended across all tenants
- Establish security guardrails for the enterprise's internal and customer-facing AI models
- Drive the transition from manual "click-to-operate" security to Autonomous Security Operations
- Partner with business units to integrate security "invisibly" into their workflows
- Use automation to reduce "security friction" in logistics and retail operations
- Discover and catalog "Shadow AI" usage across the enterprise
Requirements:
- 8+ years of related experience
- B.S. or M.S. in Computer Science, Information Security, or a related technical field. If resources do not have a relevant college degree, an additional 4 years of relevant work experience is required
- 8+ years in a technical Cybersecurity Engineering role, with at least 4 years focused on large-scale cloud or hybrid environments, and a portfolio of projects where AI or Machine Learning was directly applied to solve security or operational scaling problems
- Demonstrated experience managing environments with 10,000+ workloads and high-availability requirements for retail/commercial applications
- Experience with CI/CD and GitOps workflows, treating security configurations as code that is automatically tested and deployed
- Expert-level knowledge of security architectures in AWS, Azure, and Google Cloud
- Mastery of Terraform, Ansible, or CloudFormation to deploy and manage security configurations at massive scale
- Ability to leverage Databricks to perform deep-dive analysis on billions of logs for threat hunting and efficacy reporting
- Experience securing Kubernetes (EKS/AKS/GKE) and Docker environments, focusing on runtime protection and image integrity
- Proficiency with OAuth 2.0, SAML, and CIAM solutions for large-scale customer and employee authentication
- Proficiency in using Python (PySpark/Pandas) within Databricks to build custom anomaly detection models that go beyond standard SIEM correlation rules
- Knowledge of the OWASP Top 10 for LLMs and experience implementing AI gateways or 'firewalls' to monitor and filter AI-generated traffic
- Deep expertise in building 'glue code' that connects disparate COTS and custom applications via secure, automated APIs to streamline cross-functional business activities
- The ability to explain to non-technical stakeholders how AI-driven security decisions (like blocking a suspicious $1M commercial transaction) are made and how to handle 'false positives' at scale
- A relentless focus on identifying repetitive manual tasks (e.g., firewall rule reviews, access audits) and replacing them with self-healing, automated systems
- Ability to obtain and maintain a Public Trust clearance and successfully pass a thorough Government background screening process requiring the completion of detailed forms and fingerprinting
- CISSP (Certified Information Systems Security Professional)
- CCSP (Certified Cloud Security Professional)
- Cloud-specific Professional Security Certifications (e.g., AWS Certified Security – Specialty or Google Professional Cloud Security Engineer)