Cloud Infrastructure and Security Engineer

About This Role

Who We Are:

• CAE Vision: Our vision is to be the worldwide partner of choice in defense and security and civil aviation by revolutionizing our customers training and critical operations with digitally immersive solutions to elevate safety efficiency and readiness.

• CAE Defense & Security Mission: CAEs Defense and Security business unit focuses on helping prepare military customers to develop and maintain the highest levels of mission readiness.

• CAE Values: Empowerment Innovation Excellence Integrity and OneCAE make us who we are and we strive to make a difference in the world while helping each other succeed.

What We Have to Offer:

• Comprehensive and competitive benefits package and flexibility that promotes work-life balance

• A work environment where all employees are valued respected and safe

• Freedom to succeed by enabling team members to deliver take initiatives and make decisions

• Recognition professional development advancement and having fun!

SUMMARY

The Cloud Infrastructure and Security Engineer is responsible for designing implementing and

maintaining secure cloud and on-premises IT environments. This role ensures the stability

security and scalability of cloud services network systems and cybersecurity defenses while

adhering to industry best practices and compliance requirements. This position works with others

in IT to ensure systems are operational and provides end user support when needed.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Reasonable accommodations may be made to enable individuals with disabilities to perform the

essential functions.

• Design deploy and manage secure cloud environments (Air Force SharePoint CloudOne AWS)

  while ensuring compliance with security frameworks (NIST ISO 27001 FedRAMP).

• Administer systems connected to NIPR network and ensure secure standards are enforced

• Configure and maintain Identity and Access Management (IAM) Multi-Factor Authentication (MFA)

  and Role-Based Access Control (RBAC) policies for cloud and on-prem systems.

• Implement and monitor security controls including intrusion detection/prevention systems

• (IDS/IPS) Security Information and Event Management (SIEM) and endpoint protection solutions.

• Perform vulnerability assessments and penetration testing to identify and mitigate security risks.

• Manage networking infrastructure including firewalls VPNs and load balancers ensuring secure

  connectivity between cloud and on-prem environments.

• Conduct regular security audits risk assessments and disaster recovery planning for IT systems.

• Develop and maintain security incident response plans ensuring rapid detection and mitigation of

  cyber threats.

• Stay up to date with emerging cloud security threats vulnerabilities and best practices.

• Provide technical guidance and training on cloud security best practices to internal teams.

• Monitors usage of system.

• Ensures Scheduled Backup Procedures Non-Scheduled Backup Procedures and Types of Backup

• Media (Initialization Procedures Label Documentation Storage Locations (onsite/offsite) testing

  backups) are in place and functional.

• Conduct information security vulnerability scanning using the DoDs Assured Compliance Assessment Solution (ACAS) (Tenable Security Center and Nessus Software)

• Produce information security vulnerability scanning reports and develop Plans of Action and Milestones (POA&Ms) to resolve information security vulnerabilities

• Install test configure maintain and upgrade the computing and networking environment (CE/NE) operating systems applications software hardware and network infrastructure components to comply with cybersecurity requirements (Security Technical Implementation Guides (STIG) Security Requirements Guides (SRG) and NIST best practices)

• Implement and continuously monitor established technical security controls for CE/NE in accordance with information security plans procedures and work methods

• Develop compensating controls for information security deficiencies

• Assist with developing or updating of Information Security related plans procedures work methods and documentation (such as network topology hardware/software lists)

• Other duties as assigned

QUALIFICATIONS AND EDUCATION REQUIREMENTS

• Bachelors Degree in Management Information Systems Computer Science Information Technology or related field and 5 years of experience in Information Technology or a combination of education and related experience.

• Information Assurance Technician (IAT) Level III certified or capable of obtaining the certification within six (6) months of the completion of the probationary period.

• Cloud Expertise: Experience with AWS Azure or Google Cloud security and infrastructure management.

• Networking & Security: In-depth knowledge of firewalls VPNs IDS/IPS SIEM and endpoint security solutions.

• Compliance & Frameworks: Understanding of NIST CIS ISO 27001 FedRAMP and other regulatory security frameworks.

• Incident Response & Monitoring: Familiarity with tools like Splunk Sentinel or CrowdStrike for threat detection and mitigation.

• Operating Systems: Proficiency in Linux and Windows server administration.

• Strong Analytical Skills: Ability to assess risks troubleshoot security issues and implement effective solutions.

• Experience in a host and client/server telecommunications and network migration and development desktop computing information system integration hardware/software evaluation information engineering and process reengineering methodologies are required.

• Proven telecommunications and network analysis design implementation tuning and maintenance required.

• Thorough understanding of large scale storage technology (SAN NAS Fiber channel Tiered storage zoning LUNs security replication backup)

• Must be proficient in Ethernet protocols and protocol analysis Excellent Communication: Ability to articulate technical security concepts to non-tech

• Must be able to effectively deliver oral presentations to management and customers

• Must be able to work independently with minimal supervision

• Must be able to work overtime as required. Must be willing to work any shift or day of the week as required.

• Understanding of military protocols and customs is essential

• Must be eligible for DoD Personnel Security Clearance.

CERTIFICATES LICENSES REGISTRATIONS

• DoD 8570 approved baseline certification IAT Level III (at least one required) CASP CCNP Security CISA CISSP GCED GCIH Preferred optional - AWS Cloud Practitioner AWS Solutions Architect AWS Security Specialty CCSP GCSA GSEC CEH CompTIA Cloud

LANGUAGE SKILLS

• Must have the ability to read analyze and interpret the most complex documents. Will be required to respond effectively to sensitive inquiries and complaints. Must be able to generate effective oral and written presentations and proposals on complex subjects.

MATHEMATICAL SKILLS

• Must be able to calculate figures and amounts prices commissions and percentages and to draw and interpret graphs.

REASONING ABILITY

• Must be able to define problems collect data establish facts and draw valid conclusions. An ability to interpret complex customer requirements and attitudes from verbal non-verbal and written communication is desirable.

SECURITY RESPONSIBILITIES

Must comply with all company security and data protection / usage policies and procedures. Personally responsible for proper marking and handling of all information and materials in any form. Shall not divulge any information or afford access to other employees not having a need-to-know. Shall not divulge information outside company without management approval. All government and proprietary information will be accessed and stored electronically on company provided resources.

WORK ENVIRONMENT AND PHYSICAL DEMANDS

• Work in a regular office environment; communicate via personal computer telephone and fax.

• Domestic and international travel as required.

• Must be able to walk and/or climb stairs and ladder into a simulator or airplane cockpit.

• Must be able to detect odors or hear noises bangs etc. or other sounds to detect problems or flaws in the functioning of simulators and its surrounding environment.

OTHER DUTIES

Please note this job description is not designed to cover or contain a comprehensive listing of activities duties or responsibilities that are required of the employee for their job. Duties responsibilities and activities may change at any time with or without notice.

CAE USA Inc. is an equal opportunity employer and all qualified applicants will be considered for employment without regard to any protected characteristic including disability and protected veteran status as defined under federal state or local laws.

Applicants needing reasonable accommodations should contact their recruiter at any point in the recruitment process. If you need assistance to submit your application because of incompatible assistive technology or a disability please contact us at

Position Type

CAE thanks all applicants for their interest. However only those whose background and experience match the requirements of the role will be contacted.

Equal Opportunity Employer

CAE is an equal opportunity employer committed to providing equal employment opportunities to all applicants and employees without regard to race color national origin age religion sex disability status protected veteran status or any other characteristic protected by federal state or local CAE everyone is welcome to contribute to our success. Applicants needing reasonable accommodations should contact their recruiter at any point in the recruitment process. If you need assistance to submit your application because of incompatible assistive technology or a disability please contact us at .