Cloud Security Engineer

Overview

DecisionPoint seeks a Cloud Security Engineer to implement, validate, and maintain IL5-compliant cloud security controls, cloud-native protections, and Zero Trust-aligned defenses across enterprise cloud environments supporting a federal and DoD-aligned mission. This role ensures secure operation of cloud platforms by applying encryption standards, boundary protections, monitoring capabilities, and continuous security enhancements.

The Cloud Security Engineer works closely with cloud infrastructure, DevSecOps, and cybersecurity teams to ensure secure design, deployment, and monitoring of cloud workloads, integrations, and mission applications. This position plays a crucial role in advancing security posture through security automation, configuration hardening, and cloud-native tooling.

This position is fully remote.

Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid.

Duties & Responsibilities

The Cloud Security Engineer will:

• Implement IL5 cloud security controls and security baselines in alignment with DoD cloud requirements.

• Configure and maintain cloud-native security tools such as logging, monitoring, encryption services, and identity protections.

• Support Zero Trust alignment across cloud workloads, boundary protections, and identity-based security models.

• Implement encryption at rest and in transit, certificate management, and key rotation policies.

• Configure logging, alerting, and continuous monitoring for cloud resources and mission systems.

• Support secure cloud networking including VPC configuration, boundary defenses, segmentation, and traffic filtering.

• Apply hardening standards, secure configuration baselines, and STIG-aligned requirements to cloud services.

• Assist with vulnerability remediation, patching validation, and mitigation of cloud security risks.

• Review cloud architectures, IaC templates, and deployment pipelines for security compliance.

• Provide recommendations for cloud security optimization, automation, and modernization.

• Support incident response by analyzing cloud security alerts, logs, and audit trails.

• Produce documentation including security diagrams, configuration records, baseline definitions, and assessment artifacts.

• Collaborate with ISSMs, security engineers, and cloud architects to ensure continuous compliance and audit readiness.

Qualifications

Clearance Requirement

Must hold an active Top Secret clearance, supported by a Tier 5 background investigation.

Education (Required)

Bachelor's degree in Cybersecurity, Cloud Engineering, Information Technology, or a related field.

Experience (Required)

• Minimum 7 years of experience in cloud security engineering, cybersecurity, or cloud infrastructure protection.

• Experience implementing IL5 or other high-impact cloud security controls.

• Experience with cloud-native security tools, monitoring, encryption, and key management.

• Experience supporting Zero Trust alignment, boundary protections, and identity-based access models.

• Experience reviewing cloud architectures, IaC templates, or CI/CD deployments for security compliance.

Technical Knowledge (Required)

• Strong knowledge of AWS cloud security services, configurations, and native tooling.

• Understanding of DoD cloud security requirements, NIST SP 800-53, and authorization controls.

• Proficiency in cloud logging, monitoring, security alerting, and SIEM integration.

• Knowledge of network security, segmentation, boundary defenses, and secure VPC architecture.

• Understanding of encryption, certificate management, and secure key handling.

Technical Knowledge (Preferred)

• Experience with automation tools such as Terraform, CloudFormation, or other IaC platforms.

• Familiarity with container security, Kubernetes protections, or cloud-native microservices security.

• Experience implementing Zero Trust architectures or continuous authorization models.

Certifications

Required:

• Security+

• CCSP

• AWS Security Certification (such as AWS Security Specialty)

Preferred:

• CISSP

• GIAC cloud security certifications

• Additional AWS or cloud engineering certifications

Skills

• Strong analytical skills for identifying and mitigating cloud-based security risks.

• Strong communication skills for collaborating with engineers, leadership, and mission stakeholders.

• Ability to design, document, and implement secure cloud configurations.

• Attention to detail and commitment to compliance, accuracy, and continuous monitoring.

• Ability to prioritize multiple tasks and operate in a dynamic, mission-driven environment.

Our Equal Employment Opportunity Policy

• EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
• Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.