AWS Security Engineer

Job Title: AWS Security Engineer Job Category: Engineering Time Type: Full time Minimum Clearance Required to Start: Secret Employee Type: Regular Percentage of Travel Required: None Type of Travel: None

• * *

The Opportunity: Join the MilMove Security team supporting mission-support defense logistics systems in an AWS GovCloud environment. Lead GitLab CI/CD security operations including SAST/DAST implementation and secure pipeline development. Drive Risk Management Framework (RMF) compliance activities and support Authorization to Operate (ATO) processes for DoD systems. Work with cutting-edge cloud security technologies and DevSecOps practices while maintaining DISA STIGs and NIST 800-53 compliance. Collaborate with cross-functional development and operations teams to embed security throughout the software development lifecycle. Responsibilities:

• Design, implement, and maintain security controls for AWS GovCloud environments in accordance with DISA STIGs, NIST RMF, and FedRAMP requirements
• Lead SAST/DAST execution and runtime vulnerability assessments using GitLab tools
• Own security findings triage, remediation tracking, and verification across application portfolios
• Integrate and optimize GitLab security scanners (SAST, DAST, Dependency Scanning, Container Scanning, Secret Detection)
• Embed security controls into CI/CD pipelines and enforce secure development lifecycle practices
• Support the complete RMF accreditation lifecycle and development of artifacts required for Authorization to Operate (ATO)
• Implement and validate security controls in accordance with NIST 800-53, DISA STIGs, DFARS, and CMMC frameworks
• Assist the Information System Security Manager (ISSM) with security control implementation and continuous monitoring
• Develop and maintain Plans of Action and Milestones (POA&Ms) to remediate assessment findings
• Monitor and investigate alerts from security tools (AWS Security Hub, GuardDuty, GitLab security dashboards)
• Conduct incident response investigations using AWS CloudWatch and CloudTrail log analysis to determine root cause
• Participate in the full incident management lifecycle: identification, categorization, containment, eradication, recovery, and lessons learned
• Perform technical security assessments of computing environments to identify vulnerabilities and compliance gaps
• Review and update network diagrams, architecture documentation, and cloud security configurations
• Generate and review security architecture documentation, System Security Plans (SSPs), and compliance reports
• Serve as security engineering representative on cross-functional teams for design, development, and implementation of secure systems

Qualifications: Required:

• Bachelor's degree (BA/BS) in Computer Science, Cybersecurity, Information Systems, or related field (or equivalent experience)
• Minimum 2-5 years of hands-on cybersecurity or information assurance experience
• Active Secret security clearance
• Experience with AWS or AWS GovCloud, including dashboards, and security services
• Hands-on experience with GitLab CI/CD pipelines and security scanning tools
• Working knowledge of DISA STIGs, NIST RMF (800-53, 800-171), and security compliance frameworks
• Familiarity with security standards: CIS benchmarks, FIPS 140-2, DFARS, CMMC, FedRAMP
• Understanding of DevOps and Agile methodologies
• Strong written and verbal communication skills for technical documentation and stakeholder engagement
• Ability to work independently with limited supervision and solve complex security problems
• Security certifications: SecurityX, CASP+, CISSP, or equivalent

Desired:

• AWS Certifications: Cloud Practitioner, Solutions Architect Associate/Professional, or Security Specialty
• Experience with SAST and other application security testing tools
• Knowledge of secure software development lifecycle (SSDLC) practices
• Previous experience supporting federal government or DoD clients
• Understanding of Zero Trust Architecture principles

- What You Can Expect: A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation. An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy. Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Since this position can be worked in more than one location, the range shown is the national average for the position. The proposed salary range for this position is: $69,100-$141,500 CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic. Apply To This Job