CrawlJobs Logo
Booz Allen Hamilton Logo Booz Allen Hamilton · IT - Software Development

Cloud Information Systems Security Engineer

United States, Fayetteville 61900.00 - 141000.00 USD / Year · Job Posted January 04, 2026
Apply Position
Job Link Share

Job Description

Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to government clients. In all of this “cyber noise,” how can these organizations understand their risks and how to mitigate them? The answer is you—an information systems security engineer who will break down complex threats into manageable plans of action and mitigation approaches. As an Information Systems Security Engineer on our team, you’ll use your experience to work with highly skilled engineers and military leaders to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You’ll review technical and architectural details from highly complex teams to assess the entire threat landscape of our client Hybrid-Cloud based Platform. Then, you’ll guide your client through a plan of action to minimize attack surfaces on applications, understand architecture, and mitigate vulnerabilities. You’ll work with your client to translate security concepts to technical implementation so they can make the best decisions to secure critical and operational hybrid-cloud based services. This is your opportunity to act as an information security subject matter expert while broadening your skills in cloud computing, DevSecOps, Infrastructure as Code, Kubernetes, CI/CD, and application development. Work with us as we protect national security mission systems for the Warfighter.

Job Responsibility

  • Work with highly skilled engineers and military leaders to discover their cyber risks, understand applicable policies, and develop a mitigation plan
  • Review technical and architectural details from highly complex teams to assess the entire threat landscape of our client Hybrid-Cloud based Platform
  • Guide your client through a plan of action to minimize attack surfaces on applications, understand architecture, and mitigate vulnerabilities
  • Work with your client to translate security concepts to technical implementation so they can make the best decisions to secure critical and operational hybrid-cloud based services
  • Act as an information security subject matter expert while broadening your skills in cloud computing, DevSecOps, Infrastructure as Code, Kubernetes, CI/CD, and application development

Requirements

  • 5+ years of experience with software supply chain security and secure SDLC practices such as SLSA or NIST SSDF, including build provenance, artifact integrity, dependency management, and security gates in CI/CD pipelines
  • 5+ years of experience securing CI/CD platforms, including pipeline hardening, secrets management, access control, integration of SAST, DAST, and SCA, container scanning, and enforcement of remediation policies
  • 5+ years of experience with container, image, and host vulnerability management using tools such as Trivy, Grype, Anchore, or AWS Inspector, including policy-driven vulnerability remediation
  • Experience building, securing, and operating Dockerized applications, including secure Dockerfile patterns, image lifecycle management, and runtime security hardening
  • Experience deploying and operating workloads on Kubernetes EKS, GKE, AKS, or self-managed, including Helm-based deployment and management of security tooling
  • Experience with scripting and automation, including advanced Bash, intermediate+ Python, and basic PowerShell, to automate security workflows, controls, and integrations
  • Experience with Linux system security and AWS cloud services such as EC2, EKS/ECS, IAM, S3, VPC, KMS, CloudTrail, or GuardDuty, including system hardening, logging, monitoring, and collaboration with engineering and platform teams to document controls and guide remediation
  • TS/SCI clearance
  • HS diploma or GED
  • Ability to obtain a DoD 8570 IAT or IAM Level II Certification, including Security+ Certification, within 60 days of hire date

Nice to have

  • Experience with DevOps or platform engineering, including building and maintaining CI/CD pipelines
  • Experience implementing Zero Trust security models in CI/CD pipelines and cloud environments
  • Experience with advanced container runtime security, including containerd or Kata Containers, and container registry hardening, including ECR, GCR, or ACR
  • Knowledge of securing AI and LLM-based systems and emerging AI-specific security risks
  • Experience interpreting vulnerability scan results, tuning baselines, and prioritizing remediation using a risk-based approach
  • Experience with basic forensic triage and incident response activities on Linux systems
  • Knowledge of infrastructure-as-code tools such as Terraform or CloudFormation for automating security controls
  • Knowledge of Kubernetes security best practices for service meshes, eBPF-based security tooling, ingress or WAF, and logging or monitoring stacks
  • Knowledge of additional programming languages such as Go or JavaScript to better assess application behavior and security risk
  • AWS Security Certification such as Security Specialty, Solutions Architect Associate, or Solutions Architect Professional Certification

What we offer

  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program
Booz Allen Hamilton - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Cloud Information Systems Security Engineer

8 matching positions

Software Engineer 3 - Cloud Security

This role has been designed as ‘Hybrid’ with an expectation that you will work o...
Location
Location
United States , San Jose
Salary
Salary:
90400.00 - 208500.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Information Systems, or equivalent
  • Typically 2-4 years experience
  • Using software systems design tools and languages
  • Ability to apply analytical and problem solving skills
  • Designing software systems running on multiple platform types
  • Software systems testing methodology, including execution of test plans, debugging, and testing scripts and tools
  • Strong written and verbal communication skills
  • mastery in English and local language
  • Ability to effectively communicate design proposals and negotiate options
Job Responsibility
Job Responsibility
  • Designs limited enhancements, updates, and programming changes for portions and subsystems of systems software, including operating systems, compliers, networking, utilities, databases, and Internet-related tools
  • Analyzes design and determines coding, programming, and integration activities required based on specific objectives and established project guidelines
  • Executes and writes portions of testing plans, protocols, and documentation for assigned portion of application
  • identifies and debugs issues with code and suggests changes or improvements
  • Participates as a member of project team of other software systems engineers and internal and outsourced development partners to develop reliable, cost effective and high quality solutions for assigned systems portion or subsystem
  • Collaborates and communicates with internal and outsourced development partners regarding software systems design status, project progress, and issue resolution
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Senior Systems Security Engineer

AnaVation is looking for a Sr. Systems Security Engineer to assist the customer ...
Location
Location
United States , Washington
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-10 years of experience in information system engineering and configuration management
  • 5 years of experience in control implementation and secure system engineering or design
  • Excellent communication skills
  • Hands on experience with: Security monitoring and evaluation, including audits, assessments, and risk management
  • SIEM tools (e.g., Splunk)
  • Vulnerability Scanning tools (e.g., Tenable, Nessus)
  • EDR tools (e.g., Crowdstrike)
  • Web App Scanning tools (e.g., Burpsuite, Acunetix)
  • Active Directory
  • SANs
Job Responsibility
Job Responsibility
  • Performing hands-on engineering, administration, and securing of multiple operating systems (e.g., Windows, RHEL, Unix variants), and applying DISA STIGs across diverse vendor technologies, including virtualization platforms (VMWare, Hyper-V), cloud environments (AWS, Azure, Google Cloud), and enterprise applications
  • Perform system administration tasks to include audit and log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance
  • Contribute to the design and development of secure system architectures, ensuring security is integrated through system and network lifecycles
  • Evaluate, implement, and document security architecture solutions, aligning with compliance requirements and organizational mission needs
  • Ensure technical compliance with applicable security frameworks, standards, and regulations (e.g., DISA SITGs, NIST 800-53, RMF)
  • Conducting, configuring, and managing vulnerability scans
  • Conducting vulnerability remediations, patching, and system hardening
  • Collaborate with ISSOs, Assessors, System Owners, and other stakeholders to implement security controls
  • Support security assessments, audits, and accreditation/authorization (ATO) activities
  • Document security configurations, engineering solutions, and compliance evidence
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Senior Information System Security Officer

We are seeking a highly skilled and mission-driven Senior Information Systems Se...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field (or equivalent combination of education and experience)
  • 8+ years of progressive experience in information systems security, with at least 3 years in a senior-level or lead ISSO role supporting federal or state government agencies
  • Strong working knowledge of: NIST 800-53, RMF, FISMA, OWASP Top 10, and SANS Institute standards
  • SAFe Agile environments and integrating security in Agile workflows
  • Networking, Linux/Windows system administration, and secure software development practices
  • Cloud platforms (AWS, Azure, GCP) and related security tools (e.g., AWS Security Hub, Azure Defender)
  • Experience in managing security documentation, participating in audits, and working with compliance frameworks
  • Relevant certifications such as CISSP, CISM, Security+, CEH, or equivalent
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead the implementation and maintenance of system security controls in compliance with federal cybersecurity frameworks, including NIST SP 800-53, RMF, OWASP, DISA STIGs, and Common Criteria
  • Oversee the full lifecycle of Authorization to Operate (ATO) processes, including preparation of System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and risk assessments
  • Serve as a senior security advisor and liaison to system owners, developers, DevOps engineers, and government stakeholders
  • Participate in technical reviews of system architecture and ensure secure design of virtualized and software-defined infrastructures
  • Support integration of security controls into CI/CD pipelines using DevSecOps principles and tools (e.g., Jenkins, GitLab CI, SonarQube, Snyk)
  • Provide security engineering support for modern cloud environments, including AWS, Azure, or Google Cloud Platform, and assess cloud-native security capabilities
  • Conduct vulnerability assessments, interpret scan results from tools like Tenable, Nessus, Splunk, or Qualys, and lead remediation efforts
  • Mentor junior ISSOs and analysts on security policies, best practices, and tool usage
  • Ensure continuous monitoring activities are aligned with organizational risk tolerance and compliance goals
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

Senior Cloud Security Engineer

Senior Cloud Security Engineer (Infrastructure and Security) – New York – Compet...
Location
Location
United States , New York
Salary
Salary:
Not provided
weareorbis.com Logo
Orbis Consultants
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Several years of experience working in a similar role with a focus on Cloud Security in AWS
  • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools
  • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc.
  • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response
  • Experience taking part in an on-call rotation
  • You are passionate about securing infrastructure, reducing risk, and protecting data!
  • You are a subject matter expert on cloud security in AWS
  • You have a solid understanding of network architecture and protocols
  • You can advise on cloud security policies and procedures
Job Responsibility
Job Responsibility
  • Serve as a cloud security subject matter expert, advise on and implementing best practices
  • Respond to security incidents and provide timely and appropriate solutions
  • Conduct cloud security risk assessments and audits
  • Conduct investigations into security incidents and potential threats
  • Take part in on call rotations for incident response and remediation
  • Assist with policy management, security audits, and due diligence for cloud security concerns
  • Advise on, configuring, and managing a variety of security tools
  • Keep informed about and respond to emerging security threats and vulnerabilities
  • Assist with cloud security reviews of potential vendors
What we offer
What we offer
  • Competitive Package
  • Opportunity to work with an Ambitious, Young, Growing Organisation
  • Fulltime
Read More
Arrow Right

Senior Cloud Security Engineer

Senior Cloud Security Engineer (Infrastructure and Security) – New York – Compet...
Location
Location
United States , New York
Salary
Salary:
Not provided
weareorbis.com Logo
Orbis Consultants
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Several years of experience working in a similar role with a focus on Cloud Security in AWS
  • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools
  • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc.
  • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response
  • Experience taking part in an on-call rotation
  • You are passionate about securing infrastructure, reducing risk, and protecting data!
  • You are a subject matter expert on cloud security in AWS
  • You have a solid understanding of network architecture and protocols
  • You can advise on cloud security policies and procedures
Job Responsibility
Job Responsibility
  • Serve as a cloud security subject matter expert, advise on and implementing best practices
  • Respond to security incidents and provide timely and appropriate solutions
  • Conduct cloud security risk assessments and audits
  • Conduct investigations into security incidents and potential threats
  • Take part in on call rotations for incident response and remediation
  • Assist with policy management, security audits, and due diligence for cloud security concerns
  • Advise on, configuring, and managing a variety of security tools
  • Keep informed about and respond to emerging security threats and vulnerabilities
  • Assist with cloud security reviews of potential vendors
What we offer
What we offer
  • Competitive Package
  • Opportunity to work with an Ambitious, Young, Growing Organisation
  • Significant growth potential
  • Not corporate culture
  • Trust employees to take on a lot of responsibility and have input into the shape of growth of the organisation
  • Fulltime
Read More
Arrow Right

Senior Cloud Security Engineer

Senior Cloud Security Engineer (Infrastructure and Security) – New York – Compet...
Location
Location
United States , New York City
Salary
Salary:
Not provided
weareorbis.com Logo
Orbis Consultants
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Several years of experience working in a similar role with a focus on Cloud Security in AWS
  • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools
  • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc.
  • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response
  • Experience taking part in an on-call rotation
  • You are passionate about securing infrastructure, reducing risk, and protecting data!
  • You are a subject matter expert on cloud security in AWS
  • You have a solid understanding of network architecture and protocols
  • You can advise on cloud security policies and procedures
Job Responsibility
Job Responsibility
  • Serve as a cloud security subject matter expert, advise on and implementing best practices
  • Respond to security incidents and provide timely and appropriate solutions
  • Conduct cloud security risk assessments and audits
  • Conduct investigations into security incidents and potential threats
  • Take part in on call rotations for incident response and remediation
  • Assist with policy management, security audits, and due diligence for cloud security concerns
  • Advise on, configuring, and managing a variety of security tools
  • Keep informed about and respond to emerging security threats and vulnerabilities
  • Assist with cloud security reviews of potential vendors
What we offer
What we offer
  • Competitive Package
  • Opportunity to work with an Ambitious, Young, Growing Organisation
  • Significant growth potential
  • Not corporate culture
  • Trust employees to take on a lot of responsibility and have input into the shape of growth of the organisation
  • Fulltime
Read More
Arrow Right

Senior Cloud Security Engineer

Senior Cloud Security Engineer (Infrastructure and Security) – New York – Compet...
Location
Location
United States , New York
Salary
Salary:
Not provided
weareorbis.com Logo
Orbis Consultants
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Several years of experience working in a similar role with a focus on Cloud Security in AWS
  • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools
  • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc.
  • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response
  • Experience taking part in an on-call rotation
  • You are passionate about securing infrastructure, reducing risk, and protecting data!
  • You are a subject matter expert on cloud security in AWS
  • You have a solid understanding of network architecture and protocols
  • You can advise on cloud security policies and procedures
Job Responsibility
Job Responsibility
  • Serve as a cloud security subject matter expert, advise on and implementing best practices
  • Respond to security incidents and provide timely and appropriate solutions
  • Conduct cloud security risk assessments and audits
  • Conduct investigations into security incidents and potential threats
  • Take part in on call rotations for incident response and remediation
  • Assist with policy management, security audits, and due diligence for cloud security concerns
  • Advise on, configuring, and managing a variety of security tools
  • Keep informed about and respond to emerging security threats and vulnerabilities
  • Assist with cloud security reviews of potential vendors
What we offer
What we offer
  • Competitive Package
  • Opportunity to work with an Ambitious, Young, Growing Organisation
  • Fulltime
Read More
Arrow Right

Information Systems Security Engineer

STR has an exciting opportunity for a well-rounded cybersecurity professional to...
Location
Location
United States , Woburn
Salary
Salary:
136000.00 - 170000.00 USD / Year
str.us Logo
STR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active Top Secret security clearance with the ability to obtain SAP and SCI access (U.S. citizenship required)
  • 3-5 years of technical (hands-on) experience in Information Assurance/Cyber Engineering, including requirements development and implementation
  • DoD 8570 IAM Level III certification (CISA, CISM, CISSP, etc.) or the ability to obtain within 6 months of hire
  • Knowledge of the DCSA Authorization and Assessment Process Manual (DAAPM) and the Joint Special Access Implementation Guide (JSIG)
  • Configuration, certification, and auditing/analysis of Windows/Linux operating systems and system virtualization in peer-to-peer, LAN & WAN networks
  • Managing and implementing DISA STIGs and benchmarks in various operating systems (Windows, RHEL, Ubuntu)
  • Using IA vulnerability/compliance scanning tools (e.g., NMap, ACAS, Nessus, Security Content Automation Protocol (SCAP))
  • Maintaining/managing Security Incident and Event Management (SIEM) and centralized auditing tools (e.g., Splunk, PowerStrux)
  • Familiarity with Microsoft Deployment Toolkit (MDT)
  • Supporting the hardening of new builds of Information Systems (IS) and ensuring full functionality before deployment
Job Responsibility
Job Responsibility
  • Conduct both vulnerability and compliance scans of Information Systems
  • Support the development of Risk Management Framework (RMF) documentation and control validation testing for Authority to Operate (ATO) accreditations
  • Develop cybersecurity requirements, design, and architecture for current and emerging program needs
  • Implement Information Assurance and Information Security protections and requirements in program development and execution environments
  • Apply required security controls to networking devices, databases, operating systems, and hardware/software components
  • Assist ISSMs and ISSOs in monitoring and resolving Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities
  • Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, ensuring all security features are implemented and functional
  • Support the completion of Continuous Monitoring requirements in accordance with RMF and NIST SP800-53 standards
  • Perform other tasks as assigned by the manager
  • Fulltime
Read More
Arrow Right