Cloud Security Engineer III
Who is Epsilon:
Epsilon is an IT Services company that was founded in 2009 and has become an established leader in providing Information Technology services to both Federal Government and Commercial businesses across the United States. Epsilon is known for its solution-focused and innovative approach, aligning technology systems, tools, and processes with the missions and objectives of its customers.
Epsilon's headquarters are in Weaverville, NC with other corporate offices in Greenville, SC, Crystal City, VA, and Denver, CO. We have employees in 30+ States across the U.S.
Why work for Epsilon:
In joining Epsilon's team, you will have the opportunity to contribute to Epsilon's business and customer initiatives, as well as influence our brand culture through people interaction and technology advancements.
Epsilon invests in our employees by promoting from within and enabling employees to elevate their knowledge and skill set in their profession by allocating $3,000 annually in Professional Development funds. We also offer competitive pay, comprehensive benefits through one of the largest national carriers, Paid Time Off (PTO) that increases with tenure and has a generous rollover, 11 company paid Holidays, and 401(k) with immediate contribution.
Where you'll work:
You will be working onsite at SOC's Monterey, CA location.
Our Customer's Mission:
The Security Operations Center (SOC) is responsible for the overall security of enterprise-wide information systems and networks. The SOC's objectives are to protect, detect, respond, and recover from information security (IS) threats to the enterprise and associated systems. The SOC is chartered to prevent, detect, contain, and eradicate cyber threats through monitoring, intrusion detection, and protective security services to information systems. The SOC also conducts vulnerability assessments, analyzes cyber threats, monitors the email gateway, and collects information on and investigates and reports on all confirmed or suspected security incidents.
An average day:
As Cloud Security Engineer III, you will work with the security engineering team to design cybersecurity systems and/or systems of systems, onboard and configure new systems or subsystems, and reconfigure or provide security configuration feedback for NPS enterprise IT implementations. Additionally, in this position you will:
Ensure cloud environments comply with industry standards such as NIST 800-53 and FedRAMP.
Assist in approving customer cloud use cases by identifying, applying, and implementing proper security measures.
Develop automated responses in AWS using AWS Lambda and Step Functions.
Deploy, manage, and secure resources from the start of their lifecycle using CloudFormation (IaC).
Create and manage Plans of Action and Milestones (POA&M) for system integration and architecture updates.
Develop portable, reusable, and modular security-as-code solutions.
Apply Binary Logic and Regular Expression development techniques.
Implement security hardening for various operating systems, including Linux distributions and Windows.
Utilize SQL within AWS Athena to query logs from accounts and resources.
Develop, review, and implement automation playbooks.
Document Tactics, Techniques, and Procedures (TTPs) for SOC personnel to bridge knowledge gaps with new tools and services.
Maintain and update existing cybersecurity tools and systems.
Stay current on emerging cybersecurity tools and technologies, perform gap analyses, and assess and recommend cloud-native and third-party security tools.
Operate within the Git framework for version control.
Debug scripts in Bash, PowerShell, or Python.
Support vulnerability analysis, including static code analysis and tracking cybersecurity implementation issues.
Contribute to vulnerability management, penetration testing, and incident response activities.
Basic Qualifications:
As a requirement of this position, all candidates must be a U.S. Citizen. In accordance with 8 U.S.C. 1324b(a)(2)(C), Epsilon will not consider candidates for this position who do not meet the aforementioned conditions.
Bachelor's degree in computer science, engineering, information technology, cybersecurity, or related field.
3 years of professional experience in incident detection and response (preferred), and/or system administration, database administration, network engineering, software engineering, or software development.
5+ years using NIST or ITIL process management (Incident, Change, and Request Management).
5+ years integrating and using SIEM and SOAR technology.
Must hold at time of hire (preferred) or obtain within six (6) months of hire one of the following certifications: GIAC Cert: GSEC, GCIH, GCFA, GCIA, GPEN or CompTIA CASP+ as appropriate for engineer type.
Must hold at time of hire (preferred) or obtain within six (6) months of hire one of the following certifications: CompTIA: Pentest+, CYSA+; Splunk: Admin or Architect; MS: AZ-500 or SC-[100, 200, 300, 400, 500]. (Certs ranked in this order of priority: MS AZ-500, Splunk Architect, Pentest+, CYSA+)
Adept at identifying and mitigating cloud computing threats, including cross-tenant attacks, container escapes, and resource exhaustion.
Experienced in working with cloud platforms like AWS, Azure, and Google Cloud, as well as various architectures such as Public, Private, multi-cloud, and Hybrid Cloud.
Strong familiarity with NIST or ITIL process management, including Incident, Change, and Request Management.
Solid expertise in modern Identity Access Management (IAM), encryption, cryptography, authentication, and authorization.
In-depth understanding of the OSI model, TCP/IP model, and essential network protocols.
Knowledgeable in open data formats, including CSV, JSON, XML, and YAML.
Proficient in scripting languages such as Bash, PowerShell, and Python.
Familiar with the MITRE framework.
Well-versed in incident response frameworks.
Knowledgeable in industry-standard security products like next-generation Firewalls, IDS/IPS, and EDR.
Preferred Qualifications:
Preferred certifications include AWS Certified Cloud Practitioner or AWS Certified Security - Specialty.
Experience in systems or software engineering.
Skilled in developing technical processes, procedures, and guidelines.
Familiar with deep learning and machine learning frameworks.
Knowledgeable in failure analysis techniques.
Proficient in identifying and mitigating web attacks such as Broken Access Control, Injection, Authentication failures, SQL injection, CSRF, and XSS.
Understanding of asset attack vectors.
Other Requirements:
Must hold an active DOD Top Secret Clearance.
Physical Demands and Working Conditions:
Listed below are the physical or mental requirements necessary for the job's performance. Reasonable accommodation may be made to enable individuals with disabilities to perform essential job functions:
Prolonged periods of computer desk work.
Dexterity of hands and fingers to operate a computer keyboard and other computer components.
Speaking and hearing sufficient to converse and understand conversations in person, by telephone, and in virtual meetings.
The cognitive skills needed to complete tasks, including abilities such as learning, remembering, focusing, categorizing, and integrating information for decision-making, problem-solving, and comprehending.
Ability to learn new tasks, remember processes, maintain focus, complete tasks independently, make timely decisions in the context of a workflow, and the ability to communicate with managers and co-workers.
Mental aptitude to respond appropriately in high-pressure situations or deadline-driven environments.
Maintain a professional emotional response when working with others.
Connect directly with your dedicated recruiter, Jeannine, on Epsilon's careers page.
www.epsilon-inc.com/careers
Epsilon is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. EEO/AA: Minorities/Females/Disabled/Vets.
Please click here (https://www.eeoc.gov/sites/default/files/2023-06/22-088 EEOC KnowYourRights6.12ScreenRdr.pdf) to review your rights under EEO policy.
If you are an individual with a disability and need special assistance or reasonable accommodation in applying for employment with Epsilon, Inc., please contact our Recruiting department by phone 828-398-5414 or by email careers@epsilon-inc.com.