Continuous Monitoring Security Specialist

  • Full-Time
  • Herndon, VA
  • Amazon Web Services, Inc.
  • Posted 3 years ago – Accepting applications
Job Description
  • BS degree in technical field, or 5+ years’ equivalent technology experience
  • 2 years or more of demonstrated experience in areas such as Continuous Monitoring program development & reporting
  • Previous experience with Nessus scanner & Security Center configuration, scanning, and reporting
  • Current, active US Government Security Clearance of TS/SCI with Polygraph
Please note: this position requires that the candidate selected be a U.S. citizen and must currently possess and maintain an active TS/SCI security clearance with polygraph.

Amazon Web Services (AWS) is the leading cloud provider, providing virtual infrastructure, storage, networking, messaging, and many other services to customers all over the world. AWS runs a globally distributed environment, operating at massive levels of scale. Businesses, from start-ups to enterprises, run their operations and applications on AWS’s multi-tenant infrastructure. Governmental organizations are also looking to and depending on AWS for cloud solutions and services.

Our Continuous Monitoring team is seeking a focused System Security specialist who will perform continuous monitoring, incident response, and conduct direct liaison with our Government customer. This role will specialize in all Continuous Monitoring aspects of System Security management for cloud web services in large scale computing environments.

You should have a good mix of technical knowledge and a demonstrated background in information security. We value broad knowledge and hands-on experience in continuous monitoring, security operations, and incident response.

You should be able to accomplish most of the following:
  • Execute vulnerability scans utilizing the Nessus scanner & Security Center
  • Apply NIST, DOD, and other government standards, policies and regulations (e.g., NIST 800-137, NIST 800-53, 800-37 and 800-39) when executing the ConMon Program
  • Assist in developing and validating ConMon Strategy. Identify ConMon program gaps and recommends solutions to address gaps.
  • Review risk tolerance within the enterprise architecture, security architecture, security configurations, planned changes to the enterprise architecture, and available threat information.
  • Assist in the development and tracking of ConMon metrics such as the number and severity of vulnerabilities discovered and remediated, number of unauthorized access attempts, configuration baseline information, and contingency plan testing dates and results.
  • Support the tracking of finding remediations to completion.
  • Assist with validating the ConMon information collection and reporting process.
  • Validate solutions and determine improvements to lower costs, enhance efficiency, improve the reliability of monitoring security-related information.
  • Develop monthly ConMon Reports and capture metrics as security control assessments are conducted. Detail findings, provide status, recommended mitigations, metrics, and evidence.
  • Communicate effectively at multiple levels of sensitivity, and multiple audiences.
Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon’s culture of inclusion is reinforced within our 14 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust.

Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren’t focused on how many hours you spend at work or online. Instead, we’re happy to offer a flexible schedule so you can have a more productive and well-balanced life—both in and outside of work.

  • Implementing enterprise wide System Security programs designed to anticipate, assess, and minimize system vulnerabilities
  • Experience in making recommendations for resolving System Security problems and requirements for multiple platforms that utilize a common Cloud infrastructure that Government customers leverage as an enterprise compute environment
  • Experience in application security architecture, security code reviews, security testing, incident response, or security infrastructure
  • Understanding of the AWS service catalog
  • Demonstrated experience administering Linux and Windows operating systems in accordance with applicable security controls
  • A sense of humor! We work hard to raise the security bar for our customers, but we also know how to laugh.
  • Meets/exceeds Amazon’s leadership principles requirements for this role
  • Meets/exceeds Amazon’s functional/technical depth and complexity for this role
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation
Apply to this Job