via Jazzhr
$120K - 200K a year
Design, implement, and manage secure AWS cloud architectures and security controls, ensuring compliance and integration with SIEM and SOC operations.
Minimum of 7 years cybersecurity experience with at least 4 years supporting AWS environments, with relevant certifications like AWS Security – Specialty or Solutions Architect, and knowledge of FedRAMP, FISMA, and NIST standards.
cFocus Software seeks a Sr. AWS Security Engineer to join our program supporting the Department of Health and Human Services (HHS). This position is remote. This position requires the ability to obtain a Public Trust clearance.

Qualifications:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field.
- Minimum of 7 years of cybersecurity experience, with at least 4 years supporting AWS environments.
- Hands-on experience securing AWS services (EC2, S3, RDS, Lambda, IAM, VPC).
- Strong knowledge of FedRAMP, FISMA, OMB A-130, and NIST RMF.
- Experience with CSPM tools and cloud-native security services.
- Experience integrating cloud security with SIEM and SOC operations.
- Ability to document architectures, security controls, and procedures.
- OSCP, GPEN, CEH, or GXPN preferred.
- Active AWS Certified Security – Specialty or AWS Certified Solutions Architect.
- Active CISSP, CCSP, or equivalent (preferred).

Duties:
- Serve as the Subject Matter Expert (SME) for AWS cloud security architecture and operations.
- Implement and maintain AWS security controls aligned with NIST SP 800-53 Rev. 5 and FedRAMP.
- Administer Cloud Security Posture Management (CSPM) solutions to detect misconfigurations and vulnerabilities.
- Support FedRAMP compliance by reviewing SSPs, CRMs, POA&Ms, SARs, and penetration test results.
- Design and implement secure AWS architectures using IAM, VPCs, security groups, encryption, and logging.
- Integrate AWS logging (CloudTrail, CloudWatch, GuardDuty) with HRSA SIEM solutions.
- Implement runtime security for EC2, containers, and serverless workloads.
- Develop and maintain Infrastructure as Code (IaC) using secure-by-design principles.
- Support zero trust cloud networking and identity-based access controls.
- Respond to cloud-related security incidents and support forensic investigations.
- Follow HRSA change management processes and develop technical implementation plans.
This job posting was last updated on 2/3/2026