US citizenship only, no dual citizenship
WHAT YOU'LL DO
An Engineer who actively participates in the engineering, maintenance, and ongoing operational implementation of security and privacy controls for Cisco SaaS and PaaS solutions in federal and non-federal cloud environments using proven security models for data protection. This position will collaborate with various partners, including other engineers and security compliance team members, developers, product owners, architects, etc., in the design and build of Cisco cloud SaaS for FedRAMP and other security framework compliance initiatives. You'll be expected to apply DevSecOps knowledge and experience and security standards in both government and commercial environments.
RESPONSIBILITIES:
- Drives technology design, implementation, execution and/or optimization for customer projects/accounts.
- Works with customers and business units to plan, design, configure Cisco's suite of products, services and solutions to accelerate customer outcomes
- Assists in the creation, configuration, upgrades, migration, and patching of cloud infrastructure and applications
- Implement system security by using best in class cloud security solutions and tools (e.g., Splunk, CyberArk, SailPoint, Circle CI, Artifactory, Zonatype, Jfrog, etc.)
- Works with architecture and engineering teams in specifying technical requirements to support shared components deployed according to FedRAMP, NIST, DoD RMF, and other applicable security and privacy requirements and frameworks and develop DevOps workflows and CI/CD pipelines
- Perform technical compliance assessments of controls for in-scope systems, including remediation assessments and audit-readiness assessments and find opportunities to capitalize on automation to improve security and build the tools necessary to implement improvements
- Partners with other technical engineers and architects within the company to ensure consistency for processes and practices and implement strategic plans and to provide technical recommendations to security and compliance
- Conduct technical research to contribute to cloud security direction and planning
- Develops requirements and strategies to address information security needs
- Champion a security culture across diverse and agile engineering teams
- Follow and contribute to policies, procedures, and standards
WHO YOU ARE
You are an Engineer with a background in DevSecOps that possess the technical expertise and engineering skill which will enable you to grow into an expert resource that ensures that our solutions are secure, resilient, healthy, and performing well. You are a strong collaborator who can execute in a way that encourages creativity and continuous improvement.
Must Have Requirements:
- 3-5 years of Cloud Operations/Engineering experience
- 3 or more years of experience in one or more of these critical areas: Access Controls, Information Security Technology, Engineering, CI/CD, Operations, Application architecture, Data architecture and design, System Administration
- 1-3 years experience with Configuration Management (Terraform, Ansible, etc..)
- Demonstrate technical experience on cloud platforms (e.g., AWS, Google Cloud, or Azure) required
- Experience with configuring and deploying Identity and Access Management (IAM) roles and policies (e.g., Okta, AWS IAM, etc.), CIS foundational standards, DISA STIGS
- Experience developing and documenting operational and security process and procedures (patching, product updates, account management, change management, etc.)
- Experience with automated configuration management and deployment using tools such as Ansible, Puppet, Chef, and Python
- Knowledge of application development, systems engineering, and network engineering to develop security requirements and enterprise risk assessment methodologies
- Previous experience working within industry and government compliance standards and requirements including FedRAMP, FISMA, NIST, or DoD SRG/RMF required
location: Herndon, Virginia
job type: Contract
salary: $59.69 - 69.69 per hour
work hours: 8am to 4pm
education: No Degree Required
responsibilities:
US citizenship only, no dual citizenship
WHAT YOU'LL DO
An Engineer who actively participates in the engineering, maintenance, and ongoing operational implementation of security and privacy controls for Cisco SaaS and PaaS solutions in federal and non-federal cloud environments using proven security models for data protection. This position will collaborate with various partners, including other engineers and security compliance team members, developers, product owners, architects, etc., in the design and build of Cisco cloud SaaS for FedRAMP and other security framework compliance initiatives. You'll be expected to apply DevSecOps knowledge and experience and security standards in both government and commercial environments.
RESPONSIBILITIES:
- Drives technology design, implementation, execution and/or optimization for customer projects/accounts.
- Works with customers and business units to plan, design, configure Cisco's suite of products, services and solutions to accelerate customer outcomes
- Assists in the creation, configuration, upgrades, migration, and patching of cloud infrastructure and applications
- Implement system security by using best in class cloud security solutions and tools (e.g., Splunk, CyberArk, SailPoint, Circle CI, Artifactory, Zonatype, Jfrog, etc.)
- Works with architecture and engineering teams in specifying technical requirements to support shared components deployed according to FedRAMP, NIST, DoD RMF, and other applicable security and privacy requirements and frameworks and develop DevOps workflows and CI/CD pipelines
- Perform technical compliance assessments of controls for in-scope systems, including remediation assessments and audit-readiness assessments and find opportunities to capitalize on automation to improve security and build the tools necessary to implement improvements
- Partners with other technical engineers and architects within the company to ensure consistency for processes and practices and implement strategic plans and to provide technical recommendations to security and compliance
- Conduct technical research to contribute to cloud security direction and planning
- Develops requirements and strategies to address information security needs
- Champion a security culture across diverse and agile engineering teams
- Follow and contribute to policies, procedures, and standards
WHO YOU ARE
You are an Engineer with a background in DevSecOps that possess the technical expertise and engineering skill which will enable you to grow into an expert resource that ensures that our solutions are secure, resilient, healthy, and performing well. You are a strong collaborator who can execute in a way that encourages creativity and continuous improvement.
Must Have Requirements:
- 3-5 years of Cloud Operations/Engineering experience
- 3 or more years of experience in one or more of these critical areas: Access Controls, Information Security Technology, Engineering, CI/CD, Operations, Application architecture, Data architecture and design, System Administration
- 1-3 years experience with Configuration Management (Terraform, Ansible, etc..)
- Demonstrate technical experience on cloud platforms (e.g., AWS, Google Cloud, or Azure) required
- Experience with configuring and deploying Identity and Access Management (IAM) roles and policies (e.g., Okta, AWS IAM, etc.), CIS foundational standards, DISA STIGS
- Experience developing and documenting operational and security process and procedures (patching, product updates, account management, change management, etc.)
- Experience with automated configuration management and deployment using tools such as Ansible, Puppet, Chef, and Python
- Knowledge of application development, systems engineering, and network engineering to develop security requirements and enterprise risk assessment methodologies
- Previous experience working within industry and government compliance standards and requirements including FedRAMP, FISMA, NIST, or DoD SRG/RMF required
PREFERRED QUALIFICATIONS:
Experience with the setup/configuration/operation of CI/CD pipelines and source code control (e.g.GitLab)
- Experience reviewing and updating FedRAMP System Security Plan (SSP), policies, and procedures
- Familiarity with SOC2, ISO 27001 standards, CMMC
- Scripting proficiency is beneficial
- Technical project management experience
qualifications:
- Experience level: Entry Level
- Minimum 3 years of experience
- Education: No Degree Required
skills:
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
For certain assignments, Covid-19 vaccination and/or testing may be required by Randstad's client or applicable federal mandate, subject to approved medical or religious accommodations. Carefully review the job posting for details on vaccine/testing requirements or ask your Randstad representative for more information.
