AWS Cloud Security Engineer (Contract – Hybrid – Manassas, VA)

A prominent client, the world’s leading provider of secure financial messaging services, is seeking a highly skilled AWS Cloud Security Engineer (Contract – Hybrid – Manassas, VA) to join their team. This contract position, based in Manassas, Virginia, requires onsite presence no less than 2 days a week, blending in-office collaboration with remote flexibility. Reporting to the Global Security department, you’ll be instrumental in the company’s digital transformation, contributing to its evolving Hybrid Hosting Strategy and significantly enhancing its Cloud Security practices. The ideal candidate will have experience defining and implementing robust security controls for dynamic cloud environments.

AWS Cloud Security Engineer (Contract – Hybrid – Manassas, VA)

Location: Manassas, VA – This is a Hybrid role, requiring onsite presence at least 2 days per week.

Employment Type: Contract

Pay Range: Not Specified

Industry: Computer and Mathematical

Summary: Fortifying Cloud Security in Financial Messaging

As a senior member of the Global Security department, your role as an AWS Cloud Security Engineer is pivotal to the company’s internal digital transformation and its strategic adoption of a Hybrid Hosting approach. You will directly contribute to enhancing cloud security practices within an evolving and highly sensitive financial messaging environment. The ideal candidate brings a proven track record in defining and implementing robust security controls, ensuring the highest levels of data protection and compliance.

Job Description: Leading Security and Compliance in the Cloud

As a senior member of the team, you will undertake moderately complex projects that directly impact the security and compliance posture of Swift’s cloud infrastructure, compute resources, and network components. You will also play a crucial role in shaping cloud security policies and procedures, ensuring they are effective, appropriate, and aligned with company objectives, reputation, and stringent regulatory requirements inherent in financial services.

Job Responsibilities: Driving Cloud Security Excellence

Your responsibilities will be multifaceted, spanning the definition of security standards, vulnerability management, operationalizing new features, and providing expert support for cloud migrations, all while adhering to the highest standards of security and compliance.

• Define and Maintain Cloud Security Standards and Procedures: You will be responsible for meticulously defining and maintaining cloud security standards and procedures. This involves establishing clear guidelines for secure cloud configurations, access controls, network segmentation, data encryption, and operational best practices. Your work ensures a consistent and robust security posture across the entire cloud footprint.
• Manage Cloud Security Findings (Vulnerabilities and Configurations): A critical daily task involves managing cloud security findings, specifically addressing detected vulnerabilities and misconfigurations. You will analyze scan reports, prioritize remediation efforts, and track the lifecycle of these findings, working to minimize the attack surface and enhance the overall security health of cloud assets.
• Operationalize New Cloud Security Features and Services: You will take a key role in operationalizing new cloud security features and services that have been designed and developed by the Cloud Platform Security Engineering team. This includes planning their rollout, configuring them for production environments, creating documentation, and ensuring that they are fully integrated into daily security operations to provide maximum protective value.
• Support Workload Migration to Cloud: You will provide essential security support for various workloads (both application and infrastructure security) as they undergo migration to the cloud. This involves ensuring that security best practices are embedded into the migration process from the outset, addressing potential vulnerabilities, and validating that migrated workloads adhere to all security and compliance requirements post-migration.
• Day-to-Day Administrative and Operational Activities for Vulnerability Management: You will support the day-to-day administrative and operational activities for vulnerability and configuration hardening management. This includes diligently assessing and triaging identified vulnerabilities and misconfigurations, evaluating security exceptions, analyzing risk scenarios, and ensuring that remediation plans are effective and executed promptly. You will be a hands-on contributor to maintaining a strong security posture.
• Build Understanding of Vulnerabilities and Misconfigurations Management Process: You will actively build and promote a deeper understanding of vulnerabilities and misconfigurations management processes, including related controls, and clearly define key roles and responsibilities across teams. This involves educating stakeholders, fostering a security-aware culture, and ensuring that all parties involved understand their part in maintaining a secure cloud environment.
• Create and Maintain Process Documentation: You will meticulously create and maintain comprehensive documents and flow charts to document security processes. This includes detailing operational procedures, security guidelines, and incident response workflows, ensuring that critical information is accessible, accurate, and easily understood by all relevant teams.
• Translate Requirements into Agile User Stories: You will be adept at translating security requirements and root cause fixes into actionable Agile user stories or work items for cloud platform/workload Engineers and Developers. This ensures that security mandates are clearly communicated and integrated into the development and operational pipelines, facilitating efficient implementation and remediation.
• Engage with Application Owners and Provide User Support: You will actively engage and work directly with application owners, understanding their specific security needs and challenges. You will onboard users to cloud security tools, provide ongoing user support for these tools, perform user acceptance tests (UATs), and diligently troubleshoot cloud tool issues to ensure smooth adoption and effective utilization of security controls.
• Develop Automation for Repeatable Scenarios: You will develop automation solutions to solve repeatable scenarios, enhancing efficiency and reducing manual effort. This includes scripting for reporting, reconfigurations, and leveraging AWS Lambda functions for serverless automation. A strong preference for Python as the primary scripting language for these automation efforts is indicated.

What Will Make You Successful? Essential Qualifications and Skills

To thrive as an AWS Cloud Security Engineer, you will need a strong blend of technical expertise, analytical capabilities, and soft skills that enable effective collaboration and continuous improvement in a fast-paced security environment.

• Relevant Work Experience (5+ years): You must possess 5+ years of relevant work experience in cloud security, cybersecurity operations, or a closely related field. This extensive background demonstrates a proven track record of handling complex security challenges in enterprise environments.
• Educational Background: A Bachelor’s degree in computer science, Information Systems, or a related field is highly desired. This academic foundation provides a strong theoretical understanding of computing, networking, and information security principles.
• Technical Skills (Cloud Security & Core AWS):
  • Cloud Security Services (AWS Preferred): You must have hands-on experience with Cloud Security services, with a strong preference for AWS-specific security tools. This includes proficiency with AWS Inspector (for automated security assessments), AWS Security Hub (for security posture management), AWS Config (for compliance auditing and configuration changes), AWS Macie (for data discovery and sensitive data protection), and AWS Access Analyzer (for identifying unintended access to resources).
  • Core Cloud Services and Container Technologies: A deep understanding of core cloud services, particularly within AWS, is essential. This includes familiarity with AWS S3 (Simple Storage Service) for object storage, AWS EC2 (Elastic Compute Cloud) for virtual servers, AWS EKS (Elastic Kubernetes Service) for container orchestration, and AWS VPC (Virtual Private Cloud) for network isolation. You should also have a strong understanding of container technologies like Docker and Kubernetes.
  • DevOps, Infrastructure as Code, and IAM Permissions: You should have a solid understanding of DevOps principles, practical experience with Infrastructure as Code (IaC) methodologies (e.g., CloudFormation, Terraform), and deep knowledge of IAM (Identity and Access Management) Permissions within AWS. This includes managing roles, policies, and access keys to ensure secure and granular control over cloud resources.
  • Security Vulnerability and Configuration Scan Report Analysis: You must have proven experience with security vulnerability and configuration scan report analysis. This indicates your ability to interpret results from various security scanning tools, prioritize findings based on risk, and translate them into actionable remediation plans.
  • Industry Standards and Compliance Requirements: You possess a strong understanding of industry standards and compliance requirements relevant to cloud security, such as PCI-DSS (Payment Card Industry Data Security Standard) for secure credit card handling, and CIS (Center for Internet Security) Benchmarks for secure configuration guidelines. This ensures solutions meet stringent regulatory and best-practice demands.
• Soft Skills (Crucial for Collaboration and Adaptability):
  • Analytical Thinking: You demonstrate a keen analytical thinking ability to meticulously analyze complex security threats and vulnerabilities, break down intricate problems, and develop effective, data-driven mitigation strategies.
  • Problem-Solving: You possess strong problem-solving skills to address and resolve security issues promptly and efficiently, often in high-pressure situations, ensuring minimal impact on operations.
  • Communication: You have clear communication skills, both verbal and written English. This is vital for effective collaboration with technical team members, various stakeholders across the organization, and potentially external clients or vendors.
  • Continuous Learning: A commitment to continuous learning is essential, as you will be expected to stay updated with the latest security trends, emerging threats, and new AWS features and updates, ensuring your expertise remains at the forefront of cloud security.
  • Autonomous and Adaptive: You are an autonomous, driven individual with a strong ability to quickly adapt and respond to change. This flexibility is crucial in a rapidly evolving cloud and security landscape, allowing you to pivot quickly to address new challenges.
  • Customer-Oriented and Security Mindset: You possess a clear customer-oriented and security mindset, continually striving to deliver true customer value while maintaining the highest security standards. This holistic approach ensures solutions are both effective and user-friendly.
  • Open-minded and Team Player: You are open-minded, solutions-oriented, and a true team player, fostering a collaborative environment where ideas are shared, and collective success is prioritized over individual achievements.

If this AWS Cloud Security Engineer role in Manassas, VA, aligns with your extensive cloud security experience, particularly with AWS services, your automation skills, and your passion for fortifying financial messaging systems, we encourage you to learn more about this exciting hybrid contract opportunity. This is a fantastic chance to make a significant impact on enterprise-level cloud security.

To take the next step in your career and contribute to vital digital transformation initiatives, click “Apply Now.” A recruiter will be in touch with you promptly to discuss this outstanding opportunity in greater detail, answer any questions you may have, and guide you through the application process. We look forward to connecting with you and exploring how your expertise can benefit our team!