Cloud Security Engineer (AWS/GovCloud)

Overview

Design. Disrupt. Repeat.

Be an agent of change on a team committed to achieving client-focused, mission-driven excellence. Steampunk is the explosive collision of human-centered design and traditional government contracting. We are an employee-owned company with a startup mindset and time-tested approaches tailored for the federal government. We're passionate about creating solutions that are impactful, practical, and scalable while meeting our clients' ever-changing needs. We believe in empowering our people to find creative solutions to intractable problems. We believe the best environment in which to grow and thrive is outside our comfort zone. We believe that while good design makes for a good product, human-centered design makes for an excellent one.

Contributions

As a Cloud Security Engineer, you will work within our growing DevSecOps practice delivering features to support developing, testing, and monitoring secure cloud architectures for cloud migration, cloud optimization and cloud deployment. We are looking for candidates with experience with cloud platform services, cybersecurity and DevOps practices such as infrastructure as code and confirmation management automation.

Responsibilities include:

• Identify and implement the most secure cloud-based solutions for the customer including components for zero-trust architectures, identity and access management policy, and data privacy
• Understanding the needs of stakeholders and optimizing solutions that marry security with usability
• Monitor cloud environments for suspicious activities with cloud native monitoring or SIEM solutions and investigate security incidents where appropriate
• Examining infrastructure as code written by others and analyzing risk
• Ensuring that systems are safe and secure against cybersecurity threats through risk assessment, threat modeling, and compliance with industry standards (e.g. NIST, ISO 27011, HIPPA, FISMA, etc.)
• Identifying technical problems, performing root cause analysis, and developing updates and 'fixes'
• Automate security processes such as vulnerability management and patch management
• Working with software developers and DevSecOps engineers to ensure that development follows established security processes and works as intended
• Support enterprise cloud security through infrastructure as code including any activities around automated server or network configurations, large-scale software deployments, and monitoring and testing
• Ensure effective design and implementation of data protection and encryption mechanisms for data at rest and in transit
• Document as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations
• Identify, analyze, and resolve infrastructure vulnerabilities and application deployment issues
• Act as an individual contributor and mentor more junior team members
• Engineer and implement solutions and provide recommendations for continuous improvement for the services provided
• Present regular status updates and provide cross training to other team members.

Qualifications

Required:

• Ability to obtain a U.S. government Security Clearance
• Bachelor's degree and 10 years of experience
  • OR Master's degree and 8 years of experience
• Strong hands-on experience with Amazon Web Services (preferably GovCloud)
• Experience designing and implementing scalable cloud architectures (VPC, Lambda, API Gateway, RDS, S3)
• Proficiency in Infrastructure as Code (Terraform preferred)
• Experience integrating Salesforce with AWS services
• Understanding of data streaming and analytics (Kinesis, Athena, Power BI integration)
• Strong knowledge of cloud security architecture (IAM, least privilege, network segmentation)
• Experience implementing secure connectivity (PrivateLink, VPN, no public exposure patterns)
• Hands-on experience with encryption (TLS for transit, KMS for at-rest data)
• Familiarity with FedRAMP / NIST 800-53 / Zero Trust principles
• Experience supporting ATO documentation and security controls implementation
• Knowledge of logging, monitoring, and threat detection (CloudWatch, CloudTrail, GuardDuty)
• Exposure to DevSecOps practices (secure CI/CD, secrets management, policy enforcement)

About steampunk

Steampunk relies on several factors to determine salary, including but not limited to geographic location, contractual requirements, education, knowledge, skills, competencies, and experience. The projected compensation range for this position is $100,000 to $155,000. The estimate displayed represents a typical annual salary range for this position. Annual salary is just one aspect of Steampunk's total compensation package for employees. Learn more about additional Steampunk benefits here.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers - and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com .

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.