Cloud DevSecOps Engineer

Koniag Data Solutions a Koniag Government Services company is seeking a Cloud DevSecOps Engineer to support KDS and our government customer in Washington DC. This position is hybrid. Currently one day a week required offer competitive compensation and an extraordinary benefits package including health dental and vision insurance 401K with company matching flexible spending accounts paid holidays three weeks paid time off and ideal candidate is a hands-on technical professional with deep expertise in DevSecOps practices cloud security architecture and infrastructure automation. This role requires someone who is passionate about security committed to continuous learning and capable of implementing robust security controls across cloud environments. This position may require the ability to obtain and maintain a security clearance depending on project requirements. The Cloud DevSecOps Engineer will be responsible for implementing maintaining and enhancing security controls within cloud environments with a primary focus on AWS infrastructure. This role combines security engineering with DevSecOps practices to ensure security is built into every stage of the development lifecycle. Principal responsibilities will include but are not limited to:Design implement and maintain security controls and monitoring solutions in AWS cloud environmentsDevelop and maintain Infrastructure as Code (IaC) using Terraform and OpenTofu for secure repeatable deploymentsIntegrate security tools and processes into CI/CD pipelines using GitLabConfigure maintain and optimize Splunk for security monitoring log aggregation and threat detectionConduct security assessments vulnerability scans and penetration testing of cloud infrastructureImplement and maintain security automation tools and scripts to enhance security postureCollaborate with development teams to embed security best practices into the software development lifecycleMonitor security alerts investigate incidents and respond to security eventsCreate and maintain security documentation runbooks and standard operating proceduresParticipate in security architecture reviews and provide recommendations for security improvementsAutomate compliance checks and reporting for various security frameworksManage secrets credentials and encryption key management across cloud environmentsStay current with emerging threats vulnerabilities and security technologiesEducation and Experience:Required:Bachelors degree in Computer Science Cybersecurity Information Technology or related field from an accredited college or university or equivalent work experience5 years of hands-on experience in cybersecurity with a focus on cloud security3 years of experience with AWS security services and best practices2 years of experience implementing DevSecOps practicesRequired Skills and Competencies:Expert-level knowledge of AWS security services including IAM Security Groups GuardDuty CloudTrail Config Security Hub and KMSHands-on experience developing and maintaining Infrastructure as Code using Terraform and/or OpenTofuProficiency with GitLab CI/CD pipelines and integrating security tools into DevSecOps workflowsStrong experience with Splunk for security monitoring including creating searches alerts dashboards and correlation rulesDeep understanding of cloud security best practices including the AWS Well-Architected Framework Security PillarKnowledge of network security concepts including VPCs security groups NACLs and VPN configurationsExperience with container security (Docker Kubernetes/EKS) and serverless securityProficiency in scripting languages such as Python Bash or PowerShell for security automationUnderstanding of security compliance frameworks (NIST FedRAMP FISMA CIS Benchmarks)Experience with vulnerability management tools and practicesStrong understanding of authentication and authorization mechanisms (OAuth SAML MFA)Excellent analytical and problem-solving skills with attention to detailStrong communication skills with the ability to explain complex security concepts to technical and non-technical audiencesAbility to work independently and as part of a collaborative teamExperience with version control systems particularly GitDesired Skills and Competencies:Current AWS security certification (AWS Certified Security - Specialty or AWS Certified Solutions Architect)Additional relevant certifications such as CISSP CCSP CEH GIAC or similarExperience working in federal government IT environmentsFamiliarity with additional cloud platforms (Azure GCP)Experience with Security Orchestration Automation and Response (SOAR) platformsKnowledge of threat intelligence platforms and integrationExperience with configuration management tools (Ansible Chef Puppet)Understanding of zero-trust architecture principlesExperience with application security testing tools (SAST DAST SCA)Familiarity with service mesh technologies and security implementationsExperience with HashiCorp Vault or similar secrets management solutionsKnowledge of Agile and DevOps methodologiesExperience with immutable infrastructure and serverless architecturesOur Equal Employment Opportunity PolicyThe company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race color religion creed ethnicity sex sexual orientation gender or gender identity (except where gender is a bona fide occupational qualification) national origin or ancestry age disability citizenship military/veteran status marital status genetic information or any other characteristic protected by applicable federal state or local law. We are committed to equal employment opportunity in all decisions related to employment promotion wages benefits and all other privileges terms and conditions of company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website please get in touch with Heaven Wood via e-mail by calling to request Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical professional and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers employees and native communities. For more information please Opportunity Employer/Veterans/ Preference in accordance with Public Law 88-352