AWS Security Engineer

Vacancy expired!

Peraton Overview Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the cant be done, solving the most daunting challenges facing our customers.

Qualifications Requires 10 to 12 years with BS/BA or 8 to 10 years with MS/MA or 5 to 7 years with PhD.

• Knowledge of Cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication, and risk management in the Cloud.
• Experience executing tasks and sub-tasks to design, build, and integrate IT solutions and network and system security tools in the Cloud, including network firewalls, vulnerability scanning, encryption, monitoring, and Identity, Credential, or Access Management (ICAM).
• Experience in applying native Cloud security and monitoring services in AWS, such as Security Groups, Network Access Control Lists, KMS, WAF, IAM, CloudTrail and Secrets Manager
• Experience implementing AWS security and hardening, especially in a large or complex CMS environment.
• Deep knowledge of AWS and how to configure and maintain least-privilege and segregation of duty across boundaries
• Hands-on experience in driving end to end security for cloud product vulnerability scanning of application and infrastructure, penetration testing.
• Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
• Experience in applying security to cloud technologies (Managing secrets, Securing CD pipeline, Secure Infrastructure as Code, Container Security).
• Experience with DevSecOps and CI/CD Pipeline implementation.
• Ability to distill complex security problems and drive toward creative solutions.
• Ability to communicate, both orally and written, with all levels of management and end users across varying levels of technical backgrounds.
• Experience in scripting automation using tools such as Python & Bash, JSON.

• Experience with Security Incident response, continuous monitoring/audit logging (Splunk)
• Experience in Creating and testing a disaster recovery plan and platform for cloud infrastructure
• Evaluating vendor security posture (e.g. AWS, Snowflake, Databricks, etc.)
• Creating guidelines and standards for secure use of cloud technologies
• Previous experience in working on CMS programs
• Experience with the CMS Security Playbook and Acceptable Risk Safeguards
• Medicare, Medicaid or private healthcare experience

Responsibilities Peraton has an immediate need in our Health Payer Segment for an AWS Security Engineer to support the Centers for Medicare and Medicaid Services (CMS) Integrated Data Repository (IDR) Cloud Migration Contract. The position is remote. Ability to achieve Public Trust Clearance is required. Must be a US Citizen or a Green Card Holder who has worked in the US three out of the past five years. Ability to drive to the CMS client site in Baltimore, MD for occasional meetings is a plus.

The Integrated Data Repository (IDR) is the centerpiece of CMS Enterprise Data Warehouse Strategy. The IDR responds to the Agencys critical need to have an integrated data environment that contains Medicare and Medicaid data (e.g. claims, beneficiary, provider, and plan data). The underlying technology of the IDR is an integrated Hadoop and Teradata Enterprise Data Warehouse. It supports the massive volumes of data associated with CMS program benefits. This cloud migration will include migrating data from IDR Teradata, migrating IDR streams, setting up the IDR Cloud Data Warehouse, and establishing an Operations and Maintenance plan.

POSITION OVERVIEW: The position requires the individual to provide the Security leadership to build and maintain the IDR Cloud system as defined by the system architect, implementing security at all layers. Experience is required integrating IT solutions and network and system security tools in the Cloud, including network firewalls, vulnerability scanning, encryption, monitoring, and Identity, Credential, or Access Management (ICAM). This position requires an individual experienced in applying native Cloud security and monitoring services in AWS, such as Security Groups, Role based Access Control across entire system architecture, IAM boundaries, and CloudWatch.

Key Responsibilities

• Refine and lead security strategy for the overall IDR Cloud program using industry best practices and the CMS AWS shared responsibility model
• Build, manage, and implement security polices for IDR cloud infrastructure by applying CMS security standards in alignment with NIST 800-53 and Acceptable Risk Safeguards security controls
• Define and implement capabilities to detect and remediate malicious activity.
• Assist in developing continuous monitoring solutions at all levels to validate systems against baselines and respond to violations
• Leverage DevSecOps practices and tools to ensure reliability, integrity and security of the IDR Cloud system
• Ensure compliance to standards (e.g. NIST sp800-53, DISA STIG, CIS, FedRAMP)

For Colorado Residents Colorado Salary Minimum: $99,132.80 Colorado Salary Maximum:$211,910.40

The estimate displayed represents the typical salary range for this position, and is just one component of Perspecta's total compensation package for employees. Other rewards may include annual bonuses, short- and long-term incentives, and program-specific awards. In addition, Perspecta provides a variety of benefits to employees.

Vacancy expired!