AWS Cloud Security Engineer - Cleared at RightDirection Technology Solutions – Washington, District of Columbia

RDTS is seeking a skilled AWS Security Engineer to design, implement, and maintain secure cloud architectures within AWS. This role is responsible for strengthening cloud security posture, implementing preventative and detective controls, and ensuring compliance with organizational and regulatory requirements. The ideal candidate combines deep AWS technical knowledge with a strong security engineering mindset.

The position is 100% onsite and full-time, Monday-Friday with standard office hours.

Key Responsibilities:

• Design and implement secure AWS architectures aligned with security best practices
• Configure and manage IAM policies, roles, and permission boundaries using least-privilege principles
• Implement and manage security services such as AWS GuardDuty, Security Hub, Inspector, Macie, and WAF
• Develop and maintain infrastructure security controls using Infrastructure as Code (Terraform, AWS CDK Python)
• Perform threat modeling, risk assessments, and vulnerability remediation
• Implement logging, monitoring, and alerting strategies using CloudTrail, CloudWatch, and centralized SIEM solutions
• Participate in incident response efforts for cloud-related security events
• Automate security checks and compliance validation across AWS environments
• Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines (DevSecOps)
• Responding to RFIs

• Must possess an active Security Clearance
• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or related field (or equivalent experience)
• 3+ years of experience in cloud security or infrastructure security
• Strong understanding of STIG hardening, vulnerability scanning, and remediation processes
• Strong hands-on experience with AWS security services and architecture
• Understanding of IAM, encryption (KMS), and key management best practices
• Experience with network security in AWS (VPCs, routing, firewalls)
• Proficiency in scripting languages (Python, Bash)
• Experience with Infrastructure as Code (Terraform or AWS CDK Python)
• Understanding of compliance frameworks such as NIST 800-53, RMF, CIS Benchmarks, and FedRAMP

Desired Qualifications:

• Experience with STIG hardening
• Experience with container security (EKS, ECS, image scanning)
• Knowledge of identity federation (SSO, SAML, OIDC)
• Experience integrating AWS logs with SIEM platforms
• Familiarity with Zero Trust architecture principles
• AWS certifications (AWS Certified Security – Specialty, Solutions Architect, etc.)
• Security certifications (CISSP, CISM, CEH, or Security+)

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status.