Full-Time AWS GovCloud Security Operations Engineer
iPeople Infosystems is hiring a remote Full-Time AWS GovCloud Security Operations Engineer. The career level for this job opening is Experienced, and the position is open to USA-based applicants working remotely. Read the complete job description before applying.
iPeople Infosystems
Job Details
AWS GovCloud Security Operations Engineer (EDR & SOAR)
We are seeking a highly skilled Security Operations Engineer to join our team supporting a secure AWS GovCloud environment. The ideal candidate will possess extensive expertise in Endpoint Detection and Response (EDR) and Security Orchestration, Automation, and Response (SOAR) solutions, specifically with CrowdStrike and ThreatConnect. This role will be responsible for the configuration, management, and optimization of these security tools to ensure effective threat detection, response, and mitigation within a highly regulated cloud environment.
Key Responsibilities:
- Manage and maintain the CrowdStrike environment, including configuration of policies, tuning, and ensuring optimal security posture within AWS GovCloud.
- Develop and deploy ThreatConnect playbooks to automate threat detection, investigation, and response workflows.
- Support the design, implementation, and continuous improvement of EDR and SOAR integrations within AWS GovCloud, adhering to strict compliance and security requirements.
- Collaborate with SOC, CSIRT, and security engineering teams to develop and refine incident response processes and playbooks for automated and manual response.
- Conduct regular assessments to validate the effectiveness of CrowdStrike configurations and ThreatConnect playbooks, adjusting as necessary to improve threat coverage and minimize response time.
- Monitor, troubleshoot, and resolve issues related to EDR and SOAR tools within AWS GovCloud, ensuring high availability and performance.
- Stay up-to-date with AWS GovCloud-specific compliance mandates and ensure that security practices align with federal and industry standards.
Requirements:
Education: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field; or equivalent experience.
Experience:
- Minimum of 3-5 years of hands-on experience with CrowdStrike in enterprise environments, with demonstrated expertise in policy configuration and fine-tuning.
- Proficiency in ThreatConnect with proven experience building and deploying playbooks for automated threat detection and response.
- Experience working in AWS GovCloud environments and understanding of related compliance requirements (e.g., FedRAMP, ITAR).
Technical Skills:
- Deep knowledge of CrowdStrike configurations, policies, and threat intelligence features.
- Advanced proficiency in ThreatConnect playbook development and automation processes.
- Familiarity with AWS security and compliance tools, as well as cloud-native security practices.
Preferred Qualifications:
- Relevant certifications, such as AWS Certified Security, CrowdStrike Certified Falcon Responder (CCFR), or ThreatConnect Specialist certifications.
- Strong scripting skills (e.g., Python, PowerShell) for playbook customization and automation.
- Familiarity with other SOAR platforms, SIEM tools, or security frameworks used in cloud and hybrid environments.
Additional Attributes:
- Excellent problem-solving skills and the ability to work independently in a dynamic and complex environment.
- Strong communication and documentation skills to convey technical concepts to both technical and non-technical stakeholders.
- Collaborative mindset with experience in cross-functional teamwork within a security-focused environment.