Cloud Security (AWS) Engineer

Apply now »

Date: Jul 12, 2024

Location: Arlington, VA, US

Company: NTT DATA Services

Req ID: 283280 

NTT DATA Services strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Cloud Security (AWS) Engineer to join our team in Arlington, Virginia (US-VA), United States (US).

Cloud Security Engineer

We are seeking a highly skilled and experienced Cloud Security Engineer to join our team. As a Cloud Security Engineer, you will be responsible for designing, securing, implementing, and managing our customer’s cloud infrastructure.


As a Cloud Security Engineer, you will play a crucial role in designing, implementing, and maintaining security measures to protect an organization's cloud-based infrastructure and data. This role requires a deep understanding of cloud technologies, security best practices, and a proactive approach to identifying and mitigating security risks.


The Cloud security engineer will use technical guidance and engineering best practices to securely build and scale cloud-native applications and configure network security defenses within the cloud environment. These individuals are proficient in identity and access management (IAM), using cloud technology to provide data protection, container security, networking, system administration and zero-trust architecture.


The Cloud security engineer must have a comprehensive knowledge of FISMA, NIST, NSA, and other information security, cybersecurity, UAM, and CDM related industry policies, standards, procedures, guidelines, best practices, developing, engineering, implementing, testing, evaluating, configuring, monitoring, and maintaining cybersecurity, UAM, CDM, insider threat detection/analysis incident detection/analysis, and vulnerability compliance and assessment software and hardware.


Personnel assigned to this role will serve primarily on the ISSO as a Service (ISSaaS) team. The designated contract team member for the ISSO as a Service (ISSaaS) team and is considered Key Personnel.



  • Design and implement secure cloud architecture for various cloud platforms (AWS, Azure, & GCP).
  • Collaborate closely with architects and developers to ensure security is integrated into the entire cloud environment.
  • Implement and manage security monitoring tools for cloud environments.
  • Respond to and investigate security incidents, providing timely resolution.
  • Ensure cloud environments comply with industry standards and regulations.
  • Implement and monitor governance frameworks for cloud security.
  • Develop and maintain scripts or automation tools for security tasks.
  • Implement DevSecOps practices to integrate security into the CI/CD pipeline.
  • Conduct regular vulnerability assessments and coordinate remediation efforts. Keep abreast of emerging threats and vulnerabilities in cloud environments.
  • Maintains all documentations.
  • Supports and develops automation.
  • Develop in languages such as Bash, PowerShell, Python.
  • Maintains/enhances knowledge of related (AWS / Azure / GCP / OCI) cloud services.
  • Monitors and tunes the cloud systems to achieve optimum performance levels.
  • Propose and implement cloud infrastructure transformation and automation based on customer requirements.
  • Assist in building, troubleshooting, and optimizing container-based cloud infrastructure.
  • Assist in selecting, implementing, and tuning configuration management (CM) technology platforms.
  • Assist in ensuring operational readiness for launching secure and scalable workloads into public and hybrid cloud environments.
  • Work to validate existing infrastructure security, performance and availability and make recommendations for improvements and optimization.
  • Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements.


Basic Qualifications: 

  • Master’s degree: Computer Science, Information Systems, or Information Technology Engineering, Information Technology Management, Business Management, or task order specific discipline or related field.
    • Education Equivalency: High School Diploma + 4 additional years of experience = Associate's Degree; Associate's Degree + 4 additional years of experience = Bachelor's Degree; Bachelor's Degree + 4 additional years of experience = Master's Degree
  • Required Certifications: DoD IAT, IASAE, or CSSP Level II or III or equivalent.
  • Minimum 10 years of experience in any combination of cloud cybersecurity, cloud security engineering, and/or cybersecurity experience, to include :
    • Minimum 10 years of experience in network, system, software, and/or cloud architecture; design, implementation, support, and evaluation of security-focused tools and services.
  • Must be able to successfully complete a DEA background investigation in conjunction with being an active Secret or higher clearance holder and must be eligible for a Top-Secret clearance if requested.


Preferred Qualifications:

  • Any combination of security engineering experience in the following areas: AWS GOV Cloud, SPLUNK, tools (CORE, SOAR, ES, UBA), SIEM , Azure Cloud, Kubernetes, Docker, Rancher, Linux, or windows command line experience. (AWS, Ali Cloud, Azure), Familiarity with CloudFormation, EC2, EMR, S3, Redshift, RDS, SQS and AutoScaling Groups, and container orchestration is a plus.
  • AWS Certified Cloud Practitioner, AWS Certified Solutions Architect – Professional, AWS DevSecOps Engineer, AWS Solutions Architect Associate, AWS Security Specialty.
  • Azure Fundamentals, Azure Data Fundamentals, Azure Ai Fundamentals, Azure Security Engineering Associate, Azure Solutions Architect Expert.
  • AWS Inspector.
  • AWS GuardDuty & Security Hub.
  • Integrate AWS events with Azure Sentinel.
  • 3rd party firewall appliances – Palo alto.
  • CyberArk – Installation & Configuration.
  • Google Associate Cloud Engineer.
  • Cloud Security Alliance: Certificate of Cloud Security Knowledge (CCSK).
  • SANS Institute Certification SEC541: Cloud Security Attacker Techniques, monitoring, and threat detection.
  • SANS Institute Certifications: SEC 488: Cloud Security Essentials, SEC 540: Cloud Security and DevSecOps Automation, SEC 388: Introduction to Cloud Computing and Security.
  • Experience briefing and building visualization for executive leadership, PowerBI & API use, risk assessment through data aggregation.



About NTT DATA Services

NTT DATA Services is a recognized leader in IT and business services, including cloud, data and applications, headquartered in Texas. As part of NTT DATA, a $30 billion trusted global innovator with a combined global reach of over 80 countries, we help clients transform through business and technology consulting, industry and digital solutions, applications development and management, managed edge-to-cloud infrastructure services, BPO, systems integration and global data centers. We are committed to our clients’ long-term success. Visit or LinkedIn to learn more.

NTT DATA Services is an equal opportunity employer and considers all applicants without regarding to race, color, religion, citizenship, national origin, ancestry, age, sex, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other characteristic protected by law. We are committed to creating a diverse and inclusive environment for all employees. If you need assistance or an accommodation due to a disability, please inform your recruiter so that we may connect you with the appropriate team.

Nearest Major Market: Arlington Virginia
Nearest Secondary Market: Washington DC

Job Segment: Cloud, Developer, Solution Architect, Testing, Computer Science, Technology

Apply now »