GDIT is a global technology and professional services company that delivers consulting, technology, and mission services. The AWS Cloud Security Engineer will work as part of an agile development team to secure AWS cloud environments and support enterprise cloud modernization initiatives through advanced technical expertise and compliance monitoring.
Responsibilities:
- Implement, configure, and manage CNAPP capabilities across AWS cloud environments supporting FedRAMP High compliance requirements
- Configure and maintain AWS-native security services
- Implement and monitor Cloud Security Posture Management (CSPM), Cloud Infrastructure Entitlement Management (CIEM), workload protection, runtime security, vulnerability management, attack-path analysis, encryption controls, network segmentation, backup/recovery protections, and continuous compliance monitoring capabilities
- Monitor and analyze Wiz vulnerabilities, Splunk alerts, AWS security findings, SIEM events, runtime alerts, and New Relic dashboards to identify threats, validate remediation efforts, and support continuous cloud security operations and incident response activities
- Implement and validate security baselines, policy enforcement mechanisms, encryption standards, workload isolation controls, secrets protection, secure storage configurations, and least-privilege access controls aligned with Zero Trust principles
- Integrate CNAPP tooling with SIEM, logging, monitoring, alerting, automated remediation, and incident response platforms to support centralized cloud security operations
- Support continuous ATO activities by developing and maintaining SSPs, security implementation procedures, SOPs, mitigation plans, technical runbooks, automated remediation playbooks, audit evidence, POA&M documentation, and operational security documentation supporting FedRAMP, NIST 800-53, FISMA, and Judiciary security requirements
Requirements:
- Over 10 years of experience in information systems, with a focus on AWS cloud security and CNAPP technologies
- Hands-on experience with security tools like Wiz and Splunk
- Knowledge of compliance frameworks such as FedRAMP and NIST
- Technical Training, Certification(s) or Degree and 10+ years of general experience in information systems required
- 7+ years of cybersecurity experience with at least 4+ years focused on AWS cloud security and CNAPP technologies
- Hands-on experience implementing and operating Wiz and AWS-native CNAPP/security services in enterprise cloud environments
- Strong experience with CSPM, CIEM, workload protection, runtime security, vulnerability management, cloud compliance monitoring, and cloud attack-path analysis
- Strong understanding of Zero Trust Architecture (ZTA), FedRAMP High, NIST 800-53, FISMA, CIS Benchmarks, and cloud security best practices
- Experience supporting vulnerability remediation, incident response, compliance assessments, and continuous monitoring activities in regulated cloud environments
- Ability to support after-hours vulnerability scanning, incident response, and critical security remediation activities as required
- Ability to pass a background check to obtain and maintain a position of Public Trust with the Administrative Office of the US Courts
- Must be a US Person (Green Card Holder, US Permanent Resident Alien, Refugee, Asylee, US Citizen)
- HS Diploma & 16+ Years Experience
- AA/AS & 14+ Years Experience
- BA/BS & 12+ years Experience
- MA/MS & 10+ Years Experience
- Doctorate Degree/Ph.D. & 9+ Years Experience (may subtract 1 year from required experience with Doctorate Degree)
- AWS Certified Security - Specialty
- Certified Kubernetes Security Specialist
- AWS Certified Solutions Architect - Professional