As Sr. Cloud Engineer I, you’ll integrate robust security practices into cloud-based, mobile, and on-premises systems, ensuring the security and compliance of AWS and/or GCP environments. This role involves designing, implementing, and managing security controls across various environments and aligning cloud infrastructure with the Department of State's compliance and risk management objectives.
We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed withour people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers.
If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!
What you’ll do:
- Implement security defense, protection, detection, and response capabilities across cloud and hybrid environments, including AWS and mobile systems.
- Lead the integration of static and dynamic security testing into CI/CD pipelines (GitLab) to enable faster iteration and secure deployments. Ensure that security vulnerabilities are detected and resolved early in the development lifecycle.
- Manage Kubernetes and Docker container security, ensuring scalable and secure operations across multiple environments. Implement container isolation strategies to minimize risks and improve security across CI/CD stages.
- Lead the shift to IaC using Terraform and AWS CloudFormation, with automated scanning and remediation of security vulnerabilities in cloud resource configurations prior to deployment.
- Implement secure secrets management protocols to protect sensitive data across different environments and services. Ensure that the organization adheres to the highest standards of security for data protection.
- Develop and enforce AWS and/or GCP Service Control Policies (SCPs) to govern security risks across different operational environments (Development, Testing, Staging, Production) and ensure compliance with organizational and federal regulatory requirements.
- Work closely with the ISSO and System Owner to represent security interests during audits and assessments, securing multiple Authorizations to Operate (ATO) and maintaining compliance with FedRAMP, ITAR, and NIST standards.
- Conduct comprehensive risk evaluations in collaboration with CISA, assessing cloud environments across numerous AWS accounts. Identify vulnerabilities and enforce risk-based policies to align cloud infrastructure with compliance standards.
What you’ll need to succeed:
- Active Top-Secret clearance or higher required.
- 5+ years of experience in cloud security, with a strong focus on AWS and/or Google Cloud environments, security automation, and compliance.
- Strong hands-on experience with AWS security tools, including GuardDuty, Security Hub, IAM, and KMS.
- Extensive knowledge of CI/CD pipeline integration (GitLab), with security testing tools for continuous delivery.
- Proficiency in container orchestration and security with Docker and Kubernetes.
- Expertise in Infrastructure as Code using Terraform and CloudFormation, with a focus on security automation.
- Proven track record in implementing security policies, IAM configurations, and environment isolation in AWS GovCloud and/or GCP equivalent
- Advanced understanding of U.S. government compliance frameworks, including FedRAMP, NIST 800-53, and ITAR.
- AWS Certified Security – Specialty, AWS Certified Solutions Architect, or equivalent (or GCP equivalent)
Like we said, we are big fans of our people. That’s why we offer a generous benefits package, professional growth, and valuable time to recharge. Learn more about our company culture code and benefits. Plus, check out our accolades.
Don’t meet every single requirement?
Studies have shown that women, people of color and the LGBTQ+ community are less likely to apply to jobs unless they meet every single qualification. At MetroStar we are dedicated to building a diverse, inclusive, and authentic culture, so, if you’re excited about this role, but your previous experience doesn’t align perfectly with every qualification in the job description, we encourage you to go ahead and apply. We pride ourselves on making great matches, and you may be the perfect match for this role or another one we have. Best of luck! – The MetroStar People & Culture Team
What we want you to know:
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.
MetroStar Systems is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The statements herein are intended to describe the general nature and level of work being performed by employees and are not to be construed as an exhaustive list of responsibilities, duties, and skills required of personnel so classified. Furthermore, they do not establish a contract for employment and are subject to change at the discretion of MetroStar Systems.
Not ready to apply now?
Sign up to join our newsletter here.
"EEO IS THE LAW MetroStar Systems, LLC (MetroStar) invites any employee and/or applicant to review the Company’s Affirmative Action Plan. This plan is available for inspection upon request by emailing msshr@metrostar.com."
