25 Apr
SOC Cloud Security SME (TS Cleared)
Washington, District of Columbia 20001, USA

Vacancy expired!

Job Description

MindPoint Group is seeking an enthusiastic SOC Cloud Security SME to help our largest Federal client monitor and secure their rapidly expanding cloud footprint against would-be attackers. The successful candidate will have a passion for and experience with being the foremost Cloud Security expert in a large, enterprise SOC environment and augment the team’s knowledge and skills across the major cloud providers (e.g., AWS, Azure, and Google Cloud) to develop alerting and response procedures for cloud events and perform cloud hunting, monitoring, and incident response.

What you get to do every day:

  • Perform cloud hunting and identify embedded threats effectively and efficiently
  • Review and analyze cloud logs to bring relevance and context to the data
  • Lead cloud incident response activities as they occur
  • Develop a full set of cloud incident response playbooks
  • Work with stakeholders to ensure full visibility into workloads running in the cloud
  • Ensure all cloud logs are onboarded to the SIEM tool and the correct events are logged
  • Develop and implement a full set of monitoring use cases to enable DOJ security tools to immediately and automatically detect cloud threats
  • Continuously tune security tools for optimization, i.e., maximum blocking with minimal false positives
  • Devise and implement additional KPIs and metrics that help DOJ monitor the overall health of this function
  • Ensure and enable DOJ’s participation in threat information sharing initiatives across the USG
  • Assist the engineering team with the deployment, configuration, and maintenance of cloud-based SOC tools, technologies, applications, and solutions
  • Perform research and lead proof of concept efforts to determine where additional technologies may be necessary

Qualifications

What skills do you need?

  • Active Top Secret Clearance with SCI Eligibility is required
  • Able to work normal business hours (core) and occasional/limited on-call hours as requested by the client and/or as required by operational demands (e.g., during major incidents)
  • Willingness to work at the client site in Washington DC at least part of the time is required (hybrid/telework)
  • Eight (8) years of cyber security experience, with at least six (6) of those years working as a Cloud Security Engineer in an enterprise SOC environment
  • Demonstrated expertise in performing cyber threat hunting activities in cloud environments (e.g., SaaS, PaaS, IaaS, including O365, SIEM, EDR, and other cloud-based applications) is critically important
  • Demonstrated experience leading incident response activities when cloud-based tools and systems are involved
  • Experience across all major cloud providers (AWS, Azure, Google)
  • Bachelor’s degree required OR additional relevant experience
  • Ability to work as an integral part of a high-performing SOC team is required
  • Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms
  • Understanding of recent cybersecurity policies and mandates such as EO 14028, M-21-31, NSM-8, and their impact on SOC activities

What is ideal?

  • Advanced-level Cloud Security certifications are strongly preferred (e.g., AWS Security Specialty certification)
  • CISSP, GCIH, and similar certifications are a plus

Additional Information

  • All offers are contingent upon proof of full vaccination against COVID-19 or successful accommodation for an exemption.
  • All your information will be kept confidential according to EEO guidelines.
  • Mindpoint is committed to maintaining a diverse environment. All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.


