McLean, Virginia, USA
108 days ago
Cloud Security Engineer (Joint and Services Center)

Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.

The DoDIN Joint Warfighting Capabilities Department is seeking highly motivated, innovative, and self-directed cloud security engineers to join our team. You will be working with technology experts to preserve and expand our competitive advantage in the face of near-peer competition and asymmetric threats. Competitive advantage is highly dependent upon our ability to secure and provide information for critical decision making at a rapid pace.

As part of our team, you contribute to the definition of DoD standards for web application security testing as well as ensuring the security of DoD’s cloud-based web applications. You will assist in the creation of API security tool suites to identify vulnerabilities, to provide on-going status of vulnerabilities via reports/dashboards, and to increase robustness of “never trust, always verify” tooling for APIs.  You will also demonstrate how secure API gateways can mitigate vulnerabilities and provide guidance on secure API gateway configurations.

Roles and Responsibilities:

Architecting, designing, and developing API vulnerability scanning tools and dashboardsExploration and assessment of technical solutions through analysis, prototypes, and pilotsResearch of emerging technologyTechnical assessments of capabilities and solutionsDevelopment of actionable recommendations and strategies for securing cloud solutions

Basic Qualifications:

Active DoD Secret clearance with the ability to obtain and maintain a Top SecretTypically, Bachelor’s degree in software engineering or related field of study and 5 years of related experience; or 3 years and a Master’s Degree; or PhD who can immediately contribute at this job step; or equivalent combination or related education and work experience.Demonstrated technical experience architecting, implementing, and testing Azure cloud solution architectures and prototypes with a strong focus on security solutions.Proficiency with cloud security services such as identity and access management, cloud configuration compliance, storage and database security, network security, and monitoring services.Outstanding Software Engineering skills are essential including architecting, development, and testing.Experience developing and/or testing REST or GraphQL APIs.Proficient using the git version control system.Experience with application security tools such as OWASP ZAP, Burp Suite, Checkmarx, and SonarQube.Experience with Agile Software Development processes and tools.Strong written and oral communication skills are necessary.Excellent collaboration skills as well as the ability to work autonomously when necessary is required.Ability to define and lead small efforts.This position requires a minimum of 50% hybrid on-site presence.

Preferred Qualifications:

Active DoD Top Secret clearance.Master’s degree in software engineering or related fields of study.Knowledge of or experience in securing and testing web APIs.Knowledge of or experience with Zero Trust architectures and capabilities.Experience developing serverless web applications using cloud-native services such as Azure Functions, Azure API Management, and Azure App Service.Certifications with one or more Cloud Service Providers (CSPs), i.e., Azure, AWS, etc.Knowledge of DoD networks and services.

This requisition requires the candidate to have a minimum of the following clearance(s):

Secret

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):

Top Secret

Work Location Type:

Hybrid

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster and Pay Transparency.

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org.

Copyright © 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.

\nBenefits information may be found here
Confirm your E-mail: Send Email