USNLX Ability Jobs

USNLX Ability Careers

Home View All Jobs (2,000,794)

Job Information

Criterion Systems Inc Cloud Security Engineer (Administrator) in Washington, District Of Columbia

We are seeking a mission-focused Cloud Security Administrator to support and contribute to our government customers success in Washington D.C.!

As a Cloud Security Administrator, you will support cloud systems engineering, administration, and maintenance for a high-visibility Executive Branch customer. Your focus will be on access control and data protection, enterprise DNS management, and security auditing. This role requires in-depth knowledge of cloud security practices, DNS management, identity and access management (IAM), and security compliance auditing.

This role is hybrid and requires 3 days a week on-site in Washington, DC.

Duties, Tasks and Responsibilities

  • Access Control and Data Protection:
    • Oversee privileged access administration, including the creation and implementation of standard guidance and workflows for granting administrative access to users.
    • Validate accesses and roles, ensuring compliance with Government policies.
    • Support cloud federation efforts by implementing and administering IAM controls, including SSO, token management, and API permissions.
    • Manage identity and access management federation for new cloud applications, facilitating the transition from Microsoft ADFS to Entra ID.
    • Facilitate the setup and enrollment of authorized customers in Microsoft COI/firewall policy exceptions for cloud applications.
  • DNS Records Management:
    • Provide technical expertise in DNS and related security standards, including DNSSEC, DMARC, DKIM, and SPF.
    • Draft and execute processes for DNS management, including YAML file configuration, code commits, pull requests, and peer reviews.
    • Conduct regular audits of DNS records, reviewing and updating GitHub access controls and permissions to ensure record consistency and accuracy.
    • Maintain Infrastructure as Code (IaC) capabilities within a GitHub environment, using tools such as OctoDNS for automated DNS records management
  • Security Auditing:
    • Conduct regular audits to measure compliance across the cloud application portfolio.
    • Audit access, privileges, and entitlements to ensure alignment with least privilege principles and to identify unauthorized access or privilege escalations.
    • Audit application security policies, ensuring universal application and timely remediation of vulnerabilities.
    • Prepare detailed reports of audit findings and compliance gaps, providing recommendations for remediation and presenting remediation plans to leadership within 30 days of each audit.
    • Track remediation progress and provide updates through internal status reports and formal Quarterly Executive Security Reviews.
  • Implement continuous improvement efforts based on audit results, industry trends, and Government feedback to enhance security auditing processes and maintain alignment with evolving security threats.

Required Experience, Education, Skills and Technologies

  • Active DoD TS/SCI Clearance
  • Bachelors degree in Engineering, Computer Science, or related field (or additional 4 years of experience in lieu of degree).
  • DoD 8570 IAT II Certification or higher
  • 7+ years of experience including cloud security administration, incident response, IAM, and DNS management.
  • Strong proficiency in DNS including DNSSEC, DMARC, DKIM, SPF
  • Experience using GitHub; experience using OctoDNS for DNS management strongly preferred
  • Knowledge of SSO and cloud authentication mechanisms
  • Experience supporting and/or participating in cloud application security assessments
  • Excellent written and verbal communication skills, with the ability to produce detailed reports and documentation.

Security Clearance Level

  • Minimum TS/SCI

Certification

  • DoD 8570 IAT II Certification or higher (e.g., Security+, CCNA Security, CySA+, GICSP, GSEC, CND, SSCP) https://public.cyber.mil/cw/cwmp/d d-approved-8570-baseline-certifications

Work Schedule

  • Full-time hybrid, on-site 3 days/week

Benefits Offered

  • Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.

Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization.We believe in treating all applicants and employees fairly and make employment decisions without regard to any individuals protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visithttps://careers-criterion-sys.icims.com/.{rel="noopener" target="_blank"}

DirectEmployers