RavenTek
Discover the RavenTek difference. We bring together the world’s leading innovators and problem solvers to deliver agile solutions & services.
Job Title: Senior Cloud Security Engineer
Department: Operations – Services
Reports To: RavenTek Program Manager
Location: Remote (must reside in and perform all work in the US)
Schedule: Monday – Friday
Hours: Full-time, 40-hours/week
FLSA Status: Salary, Exempt
Clearance: Public Trust
Position Summary
The Senior Cloud Security Engineer will support The Department of Homeland Security (DHS) providing support to other Units and Offices within the DHS to ensure the success of the program's mission. The Senior Cloud Security Engineer, specializing in RHEL SAP images, will be responsible for designing, implementing, and maintaining secure RHEL images tailored for SAP environments. They will collaborate closely with our customers, internal teams, and ISSOs/ISSMs to ensure that security best practices are integrated into the build and maintenance processes. The performance of the position is key to RavenTek’s performance on the DHS DCCO contract, and therefore RavenTek’s mission to support the Department of Homeland Security.
Essential Duties and Responsibilities
* Develop, configure, and maintain RHEL SAP images to meet customer requirements.
* Ensure images are optimized for performance, security, and compliance.
* Automate build and deployment processes using tools such as GitLab, Ansible, and Terraform.
* Implement and enforce security policies and practices in line with standards and regulatory requirements.
* Conduct regular security assessments and vulnerability scans on RHEL SAP Images.
* Apply STIGs to ensure compliance with security protocols.
* Perform regular audits to assess security posture and compliance.
* Use Nessus to conduct vulnerability scans and address identified issues.
* Collaborate with the security team to monitor and respond to security incidents.
* Work with customers to understand their requirements and provide expert guidance on secure image configuration.
* Provide technical support and troubleshooting for issues related to RHEL SAP images.
* Document processes, configurations, and best practices for customers.
* Enter actual time worked, once complete, at the end of the day, or no later than 10:00 a.m. the following workday, and submit timesheets at the end of each pay period.
* Monitor and respond to RavenTek email a minimum of 3 times per week.
* Complete required compliance training as assigned.
* Other duties as assigned.
Knowledge & Critical Skills
* In-depth understanding of security practices, including identity and access management, encryption, and network security (NIST and CIS Security frameworks).
* Expertise with STIGs and their application in securing systems.
* Expertise in using Nessus for vulnerability scanning and remediation.
* Expertise conducting security audits and addressing compliance issues.
* Expertise in building and maintaining RHEL images, specifically for SAP applications.
Education & Work Experience
* 5+ years of experience in cloud security engineering, with a focus on RHEL and SAP environments.
* 5+ years of experience with developing cloud system requirements (AWS and Azure) and infrastructure-as-code tools such as Terraform and Ansible.
* 3+ years of experience with CI/CD pipelines and automation tools (GitLab, Jenkins).
Certifications, Licenses
* Security+ (Desired)
* CISA (Desired)
* CISSP, or other security certification (Desired)
Special Requirements
* Ability to obtain a DHS Public Trust Security Clearance.
Work Environment
Employee will be working indoors in an office environment with other people. Potential moderate temperature fluctuations. Typical indoor and computer related noise level, and typical office, paper, and equipment related dust. Exposure to video display terminals occurs on a regular basis.
Physical Demands
To successfully perform the essential functions of the job, the employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear; see to read printed materials and computer screens; mobility to work in a typical office setting. Ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and may be required to provide recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee must be able to lift and/or move moderate amounts of weight, typically up to 20 pounds. Regular and predictable attendance is essential.
ADA: RavenTek will make reasonable accommodations in compliance with the Americans with Disabilities Act of 1990.
EEO/AA: RavenTek does not discriminate on the basis of race, color, national origin, sex, religion, age, disability, sexual orientation, gender identity, veteran status, height, weight, or marital status in employment or the provision of services and is an equal access/equal opportunity/affirmative action employer.
This job description is not intended to be an all-inclusive list of duties and standards of the position and will be reviewed periodically as duties and responsibilities change with business necessity. Essential job functions are subject to modification. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor.
#J-18808-Ljbffr