About the Role
GSC is a leading cyber security and information technology company based in Washington, DC. We are seeking a highly skilled and experienced Senior Cloud Security Engineer to join our team. In this role, you will lead the design, implementation, and maintenance of our cloud security infrastructure, ensuring the protection of our systems, applications, and data across cloud environments. As a key member of the security team, you will collaborate with cross-functional teams to establish security best practices and provide guidance on cloud security strategies.
Key Responsibilities
- Security Architecture & Design: Design and implement secure cloud infrastructure, including network architecture, identity and access management, and data protection strategies.
- Cloud Platform Security: Establish and maintain security configurations for cloud platforms (e.g., AWS, Azure, GCP, OCI), ensuring compliance with organizational policies and regulatory standards.
- Threat Management: Develop and manage threat detection and response strategies, including the implementation of cloud-native and third-party security tools.
- Incident Response: Lead the investigation and resolution of cloud security incidents, ensuring timely communication with stakeholders and thorough post-incident reviews.
- Compliance & Risk Management: Assess cloud systems for compliance with security policies, standards, and regulations (e.g., SOC 2, ISO 27001, GDPR, HIPAA).
- Automation & Tooling: Develop scripts and tools to automate security monitoring, configuration, and incident response tasks.
- Collaboration: Work closely with DevOps, engineering, and IT teams to integrate security into CI/CD pipelines and cloud-based development processes.
- Training & Mentorship: Provide mentorship to junior engineers and deliver training sessions to promote cloud security awareness across the organization.
Required Qualifications
- Education: Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
- Experience:
- Must have at least Ten (10) years of overall experience working in cybersecurity or information technology.
- 5+ years of experience in cloud security engineering or related roles.
- Hands-on experience with cloud platforms (AWS, Azure, GCP or OCI) and their security services (e.g., IAM, VPCs, KMS, Security Hub, etc.).
- Technical Skills:
- Strong understanding of cloud security frameworks (e.g., CSA, NIST).
- Proficiency in scripting languages (Python, Bash, PowerShell, etc.).
- Experience with security monitoring tools, such as SIEM, EDR, and cloud-native security platforms.
- Knowledge of containerization security (e.g., Docker, Kubernetes).
- Certifications: Relevant certifications such as AWS Certified Security – Specialty, Azure Security Engineer Associate, or CISSP are highly preferred.
- Soft Skills:
- Excellent problem-solving and analytical skills.
- Strong verbal and written communication abilities.
- Ability to work effectively in a team and mentor junior staff.
Preferred Qualifications
- Experience with hybrid cloud environments and multi-cloud security management.
- Familiarity with DevSecOps practices and tools (e.g., Terraform, Jenkins, Ansible).
- Expertise in encryption technologies and secure key management.
- Knowledge of compliance frameworks like PCI DSS, CCPA, and FISMA.
What We Offer
- Competitive salary and benefits package.
- Opportunities for professional growth and development.
- A collaborative and innovative work environment.
- Flexible work arrangements, including remote options.
Job Category: Information Technology (IT) and Cybersecurity.
Hybrid: Hybrid
Washington DC: Washington DC-Baltimore Area