Job Title:- Cloud Security Specialist (AWS)
Labor Category: 3.5.4 – Cloud Security Specialist
Level: 3.5.4.2 – Senior Level
On-site at FRB locations, Washington, DC.
ship required local DMV only
Selected candidates will participate in a phone screening. Those that pass the
phone screening will be invited to an in-person interview
General Labor Category: 3.5 Cloud Services
Source Documents:
- POSITIONS – Attachment 9 Section C.3 Labor Categories – Amendment Two
- TOR #202615 – Cloud Security Specialist (AWS)
-
Job Description – Senior Cloud Security Specialist (AWS)
The Senior Cloud Security Specialist supports the Security Engineering team by designing, assessing, implementing, and maintaining secure AWS cloud architectures and security controls across cloud, onpremises, and hybrid environments.
Senior Level Personnel Qualifications (Generic – BOA 3.5.4.2)
- Bachelor’s degree in Information Security, Computer Science, Management of Information Systems, or related field.
- Minimum six (6) years of cybersecurity experience, including cloud security, compliance, and risk management.
- Minimum six (6) years of experience on public cloud platforms (AWS, Azure, Google, or others).
- At least one of the following certifications :
- CompTIA Security+
- Certificate of Cloud Security Knowledge (CCSK)
- Professional Cloud Architect
- Professional Cloud Security Engineer
- Certified Cloud Security Professional (CCSP)
Capabilities (Generic – BOA)
- Serve as a cloud security expert integrating sound practices from Identity and Access Management, monitoring, platform standards, network segmentation, encryption, and security controls into cloud platforms.
- Collaborate with Enterprise Architects, functional area architects, and security specialists to ensure secure cloud IT systems and platforms.
TORSpecific Requirements and Experience (AWS)
- Minimum five (5) years of handson AWS security experience.
- AWS Certified Security – Specialty (strongly preferred).
- AWS Certified Solutions Architect – Professional or Associate.
- Demonstrated experience implementing secure, scalable AWS architectures following industry best practices and security frameworks.
- Demonstrated federal experience implementing:
- NIST Cybersecurity Framework
- OMB Memorandum M2209
- NIST SP 80053
- Strong understanding of IAM, cloud security, network security design, security operations, security architecture, data loss protection, zero trust, DevSecOps, and vulnerability management.
- Deep analytical, problemsolving, and troubleshooting experience.
- Ability to work independently with strong attention to detail.
- Proven ability to provide proactive technical security consultation and advisory services.
Duties and Responsibilities (TOR – Complete)
- Conduct regular security reviews of AWS cloud infrastructure deployed by engineering teams.
- Evaluate infrastructureascode against security standards.
- Review and validate compliance with security policies and best practices.
- Assess adherence to AWS WellArchitected Framework – Security Pillar.
- Identify and document security misconfigurations and noncompliant controls.
- Develop and maintain security posture dashboards.
- Create or update security configuration guides and playbooks.
- Implement AWS security controls and services to ensure security hardening.
- Develop and update AWS security configuration standards.
- Conduct security training sessions for engineering teams.
- Present findings and recommendations in team meetings.
- Identify opportunities to automate security assessments.
- Recommend security tooling improvements.
Never miss an opportunity! Create an alert based on the job you applied for.
