We are seeking a Junior Cloud DevSecOps Engineer to support a NASA program as part of a contractor cloud security and operations team.
Requirements
- Monitor security alerts from cloud and enterprise security tools across AWS and Azure
- Perform initial triage and analysis of suspicious activity
- Escalate incidents following defined NASA program procedures
- Assist with incident response activities including containment and remediation
- Document incidents, findings, and response actions clearly and accurately
- Support log review and event correlation across cloud and on-premise systems
- Assist with monitoring Microsoft Defender for Cloud recommendations and alerts
- Support identity and access monitoring in Microsoft Entra ID
- Help validate MFA, Conditional Access, and role based access control configurations
- Assist with cloud security posture checks across Azure subscriptions
- Support Azure Policy and security baseline validation activities
- Assist with monitoring AWS Security Hub, GuardDuty, CloudTrail, and AWS Config alerts
- Support IAM reviews including role based access and least privilege validation
- Help validate encryption settings for S3, EBS, and other AWS services
- Assist with reviewing logging configurations and audit trails
- Support remediation tracking for AWS security findings
- Assist with integrating security checks into CI/CD pipelines
- Support review of Infrastructure as Code templates (Terraform, ARM, CloudFormation)
- Help identify misconfigurations in development and staging environments
- Assist with basic automation scripting using PowerShell, Python, or Bash
- Support secure configuration validation as part of release processes
- Review security logs and alerts using Microsoft Sentinel, AWS logging services, or similar SIEM platforms
- Assist with basic KQL query building and alert tuning
- Support threat hunting activities under senior analyst guidance
- Help correlate identity, endpoint, and cloud events
- Support vulnerability scanning and remediation tracking across AWS and Azure environments
- Assist with patch compliance reporting and baseline configuration checks
- Help maintain security documentation supporting federal compliance requirements
- Support audits and security assessments as needed
- Assist with alignment to NIST SP 800 53, NIST Cybersecurity Framework, and related federal standards
Benefits
- Life and Accidental Death & Dismemberment (AD&D) coverage
- Short Term Disability (STD) and Long Term Disability (LTD) insurance
- Medical Insurance
- Dental Insurance
- Comp/flex time
- Paid Vacation
- Paid Holidays
- Paid Sick Days
- 401k Retirement Plan
