General Dynamics Information Technology is a global technology and professional services company that delivers technology solutions and mission services to every major agency across the U.S. government. The AWS Cloud Security Engineer will work as part of an agile development team to secure AWS cloud environments and support enterprise cloud modernization initiatives, focusing on continuous vulnerability management and compliance monitoring.
Responsibilities:
- Implement, configure, and manage CNAPP capabilities across AWS cloud environments supporting FedRAMP High compliance requirements
- Configure and maintain AWS-native security services
- Implement and monitor Cloud Security Posture Management (CSPM), Cloud Infrastructure Entitlement Management (CIEM), workload protection, runtime security, vulnerability management, attack-path analysis, encryption controls, network segmentation, backup/recovery protections, and continuous compliance monitoring capabilities
- Monitor and analyze Wiz vulnerabilities, Splunk alerts, AWS security findings, SIEM events, runtime alerts, and New Relic dashboards to identify threats, validate remediation efforts, and support continuous cloud security operations and incident response activities
- Implement and validate security baselines, policy enforcement mechanisms, encryption standards, workload isolation controls, secrets protection, secure storage configurations, and least-privilege access controls aligned with Zero Trust principles
- Integrate CNAPP tooling with SIEM, logging, monitoring, alerting, automated remediation, and incident response platforms to support centralized cloud security operations
- Support continuous ATO activities by developing and maintaining SSPs, security implementation procedures, SOPs, mitigation plans, technical runbooks, automated remediation playbooks, audit evidence, POA&M documentation, and operational security documentation supporting FedRAMP, NIST 800-53, FISMA, and Judiciary security requirements
Requirements:
- 10 + years of related experience
- Technical Training, Certification(s) or Degree and 10+ years of general experience in information systems required
- 7+ years of cybersecurity experience with at least 4+ years focused on AWS cloud security and CNAPP technologies
- Hands-on experience implementing and operating Wiz and AWS-native CNAPP/security services in enterprise cloud environments
- Strong experience with CSPM, CIEM, workload protection, runtime security, vulnerability management, cloud compliance monitoring, and cloud attack-path analysis
- Strong understanding of Zero Trust Architecture (ZTA), FedRAMP High, NIST 800-53, FISMA, CIS Benchmarks, and cloud security best practices
- Experience supporting vulnerability remediation, incident response, compliance assessments, and continuous monitoring activities in regulated cloud environments
- Ability to support after-hours vulnerability scanning, incident response, and critical security remediation activities as required
- AWS Certified Security - Specialty
- Certified Kubernetes Security Specialist
- AWS Certified Solutions Architect - Professional