Security Architect - Cloud

We're Hiring! Exciting opportunities for Security Architects at ANALYGENCE!Join us at the Lackland AFB - Defense, Space, IT, Cyber & Intel Hiring Fair in San Antonio, TX on October 1st 11am-2pm to explore roles with ANALYGENCE and discover our People-First culture. Meet our recruiters, learn more about our mission, and take the next step toward a rewarding career. Registration required at JBSA-Lackland AFB - Transition Careers.

The Air Combat Command's 67th Cyberspace Wing (67 CW), 346th Test Squadron (346TS)plans, executes, and contributes as both an operational and participating test organization in a full array of operational tests of various cyber weapons in coordination with the 318 Range Squadron (318RANS) who provides instrumented cyber range services, through both physical hardware and virtual systems.

In support of this mission, ANALYGENCE has an immediate opportunity for a Security Architect - Cloud Infrastructure. In this role you will be responsible for conducting vulnerability and compliance assessments on network infrastructure and cloud architectures to include, but not limited to scanning these environments to identify active client, server and infrastructure devices such as routers, switches, firewalls, proxy servers, intrusion detection/prevention systems (IDS/IPS), fingerprint applications/operating systems, identify vulnerabilities, analyze results, manually verify findings to eliminate false positives or negatives, capture artifacts such as screen captures, etc., to provide evidence and artifacts for each exploitable vulnerability, etc. Candidate must also be able to adequately "tell the story" of how vulnerability was exploited and what the overall impact would be to particular hosts or networks. Responsibilities inlcude:

• Conduct vulnerability and compliance assessments on AF and DoD systems (i.e., Microsoft Windows and UNIX based platforms) and network infrastructure/cloud architectures (i.e., routers, switches, Voice over IP, etc.)
• Demonstrated understanding of Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) and employed/use of virtual private networks (VPNs)
• Collaborate with cyber and security to ensure security controls are embedded into architectures/designs to be assessed
• Create proof-of-concepts to demonstrate feasibility of new ideas/innovations
• Demonstrated ability to read raw network device configuration and be able to identify and describe why a particular setting is erroneous without the assistance of automated tools
• Remain abreast of emerging cloud technologies to provide input and knowledge on trends to support future customer missions/tasks
• Ability to map out a network and identify the location of discovered devices within the network/cloud architecture
• Ability to methodically analyze problems and identify potential solutions
• Ability to adequately explain, present, demonstrate [when applicable] and document the operational impact of a particular vulnerability or exploit
• Analyze and evaluate network and infrastructure diagrams for potential attack vectors; render sound cyber security remediation recommendations for items identified
• Knowledgeable in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events
• Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments
• Exhibit good written and verbal skills, with an attention to detail and desire to deliver a quality product; additionally, an ability to render concise reports, summaries, and formal oral presentations
• Demonstrate willingness and ability to mentor co-workers an share knowledge with internal customers
• Ability to prioritize conflicting demands to arrange, address and resolve support issues
• Position requires travel up to 25%

• Current Top Secret clearance with SCI eligibility
• Bachelor's degree in a related field and a minimum of 3 years of experience in a related role; associate degree with 4 years' experience or 6 years equivalent experience without a degree.
• IAT Level III certification required (CASP, CISSP+, etc.).
• Must be able to support travel up to 25%.
• Must possess a cloud computing professional certification (AWS CSA/CD, Azure Administrator/Security Engineer, Google Cloud Engineer, etc.)
• Must obtain a CSSP-Auditor (C|EH, CySA, CISA, GSNA) certification within 6 months
• Expertise with cross-functional requirements and interfaces for hardware, software and communications in a cloud computing environment (AWS, Azure)
• Experience in working with and in a network systems security environment with a focus on network administration and security
• Demonstrated understanding of virtualization technology and Docker containers (i.e. Hyper-V, VMware, Citrix, and VirtualBox)
• Proficient in review and understanding of JSON and YAML languages
• Demonstrated ability to employ NMAP, its associated options, and interpret results
• Demonstrated ability to apply Nessus/ACAS and SCC to scan environments and interpret the results; firm understanding of how to review, analyze and interpret DISA STIGs
• Interest in research to stay abreast of future direction and trends for cloud technologies
• Self-motivated with minimal supervision
• Must complete skills assessment lab and remain mission ready qualified.
• Self-motivated with minimal supervision.
• Experience or familiarity with military operations highly desirable.

Preferred Requirements:

• Analytical with the ability to understand and implement customer objectives
• Familiarity with NIST, RMF, DISA STIGs and experience in conducting DoD vulnerability and compliance assessments
• Experience or familiarity with military operations highly desirable