Commonwealth of Pennsylvania

POSITION DESCRIPTION FOR JOB POSTING

Position Number:  00004313

Description Activated On:  11/15/2024 11:19:28 AM


Position Purpose:
Describe the primary purpose of this position and how it contributes to the organization’s objectives. Example: Provides clerical and office support within the Division to ensure its operations are conducted efficiently and effectively. 

The Senior Cloud Security Engineer will be responsible for designing, implementing, and maintaining security measures to protect our cloud environments from various threats and vulnerabilities. The role includes providing expert engineering knowledge of enterprise IT and security solutions, performing architectural analysis, and supporting compliance with DoD/Federal cybersecurity policies.

Description of Duties:
Describe in detail the duties and responsibilities assigned to this position. Descriptions should include the major end result of the task. Example: Types correspondence, reports, and other various documents from handwritten drafts for review and signature of the supervisor.

Assist in the development of security policies, standards, and procedures for cloud environments.

Design secure cloud architecture and implement security controls to protect data and applications.

Ensure compliance with industry standards and regulatory requirements.

Design security architectures and recommend the integration of new architectural features into existing infrastructures.

Create cybersecurity architectural artifacts.

Provide architectural analysis of cybersecurity features and relate existing systems to future needs and trends.

Provide engineering recommendations and resolve integration and testing issues.

Identify, assess, and mitigate security risks and vulnerabilities in cloud environments.

Conduct regular security assessments, penetration testing, and vulnerability scans.

Monitor and respond to security incidents and breaches in cloud infrastructure.

Implement and manage identity and access management (IAM) policies and procedures.

Ensure proper configuration of role-based access controls (RBAC) and multi-factor authentication (MFA).

Maintain security monitoring tools and systems.

Analyze security logs and alerts to detect and respond to potential security incidents.

Develop and maintain incident response plans and procedures for cloud environments.

Work closely with DevOps, IT, and development teams to integrate security into the development lifecycle.

Provide guidance and training to team members on cloud security best practices.

Stay current with emerging security threats, technologies, and industry trends.

Maintain detailed documentation of security policies, procedures, and incidents.

Prepare and present regular security reports to management and stakeholders.

Apply expert engineering knowledge of enterprise IT and security solutions to assist in the design, development, or review of proposed solutions.

Ensure proposed solutions are consistent with enterprise architecture security policies.

Design and develop new, or review proposed, security control designs and solution planning at the system and enterprise levels.

Implement security-in-depth/defense-in-depth principles and other related IAM/ISSO/ISSE support functions.

Address a wide range of security issues, including architectures, firewalls, electronic data traffic, and network access.

Perform assessments of RMF artifacts and identify deviations from RMF control requirements.

Review and ensure strict program control processes to mitigate risks and support the assessment and authorization of systems.

Support process analysis, coordination, control certification tests, compliance documentation, investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.

Provide security engineering support in alignment with DoD/Federal cybersecurity policies (e.g., DoDI 8500.01, NIST SP 800-53, etc.).

Travel as required, including some overnight stays.

Performs other related duties as assigned.

Decision Making:
Describe the types of decisions made by the incumbent of this position and the types of decisions referred to others. Identify the problems or issues that can be resolved at the level of this position, versus those that must be referred to the supervisor. Example: In response to a customer inquiry, this work involves researching the status of an activity and preparing a formal response for the supervisor’s signature.

Responsible for making critical decisions that impact the security, integrity, and availability of our cloud infrastructure and services.

Requirements Profile:
Identify any specific experience or requirements, such as a licensure, registration, or certification, which may be necessary to perform the functions of the position. Position-specific requirements should be consistent with a Special Requirement or other criteria identified in the classification specification covering this position. Example: Experience using Java; Professional Engineer License.

Experience:

Certified Cloud Security Professional

Licenses, registrations, or certifications:

1. OTHER
2. N/A
3. N/A

Essential Functions:
Provide a list of essential functions for this position. Example: Transports boxes weighing up to 60 pounds.
 
 1. Plan, organize and prioritize multiple tasks effectively.
 2. Analyze and interpret complex information.
 3. Communicate effectively both orally and in writing.
 4. Establish and maintain effective working relationships.
 5. Work independently and as a team member.
 6. Travel as required, including overnight travel.
 7. Ensure compliance with IT policies and management directives.
 8. Provide on-call and/or emergency support.
 9. Organize and present data clearly.
 10. Solve problems and reconcile competing and conflicting priorities and interests.