HHS - Sr. AWS Security Engineer

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field.
• Minimum of 7 years of cybersecurity experience, with at least 4 years supporting AWS environments.
• Hands-on experience securing AWS services (EC2, S3, RDS, Lambda, IAM, VPC).
• Strong knowledge of FedRAMP, FISMA, OMB A-130, and NIST RMF.
• Experience with CSPM tools and cloud-native security services.
• Experience integrating cloud security with SIEM and SOC operations.
• Ability to document architectures, security controls, and procedures.
• Active AWS Certified Security – Specialty or AWS Certified Solutions Architect
• Active CISSP, CCSP, or equivalent (preferred).

Nice To Haves

• OSCP, GPEN, CEH, or GXPN preferred.
• Active CISSP, CCSP, or equivalent (preferred).

Responsibilities

• Serve as the Subject Matter Expert (SME) for AWS cloud security architecture and operations.
• Implement and maintain AWS security controls aligned with NIST SP 800-53 Rev. 5 and FedRAMP.
• Administer Cloud Security Posture Management (CSPM) solutions to detect misconfigurations and vulnerabilities.
• Support FedRAMP compliance by reviewing SSPs, CRMs, POA&Ms, SARs, and penetration test results.
• Design and implement secure AWS architectures using IAM, VPCs, security groups, encryption, and logging.
• Integrate AWS logging (CloudTrail, CloudWatch, GuardDuty) with HRSA SIEM solutions.
• Implement runtime security for EC2, containers, and serverless workloads.
• Develop and maintain Infrastructure as Code (IaC) using secure-by-design principles.
• Support zero trust cloud networking and identity-based access controls.
• Respond to cloud-related security incidents and support forensic investigations.
• Follow HRSA change management processes and develop technical implementation plans.