Skylight is a digital consultancy dedicated to improving public services for government agencies. The role of a Security Engineer involves implementing security best practices, conducting audits, and ensuring compliance while working closely with the U.S. Air Force Special Operations community to secure complex digital environments.
Responsibilities:
- Protect sensitive data by applying security and privacy best practices
- Conduct security audits and risk analyses
- Plan and implement remediations
- Conduct ongoing research to keep up with industry practices and new attack vectors
- Select and use the right tools, frameworks, languages, and technologies for the job, with a preference for open-source solutions
Requirements:
- Experience with DoD Security Ops, ATO (Authority to Operate) processes, NIST RMF, and CI/CD
- Experience with cloud infrastructure and Kubernetes
- High level of innovation and flexibility
- Ability to detect risks by continually reviewing all aspects of the application for vulnerabilities and enumerating them
- Ability to review software security vulnerabilities and enumerate them
- Possess an understanding of various kinds of security assessments, such as white-hat hacking and penetration testing
- Can mitigate security risks at each stage of the software development life cycle with an understanding of how to prevent these risks in the first place
- Ability to interpret and translate non-technical material, such as regulations, into business and technical requirements
- Understand common security pitfalls and can help the team avoid them
- Can select and use the right tools for the job, particularly open-source solutions
- Ability to work successfully within a professional services environment (e.g., can communicate effectively with clients)
- Passionate about creating better public outcomes through great government services
- A mindset and work approach that align with Skylight's core values
- Ability to travel for work from time to time
- Experience with AWS
- Coding experience
- DOD 8570 IAT Level II or III certifications
- Experience with tactical edge deployments or air-gapped solutions
- Experience designing multi-step forms with thoughtful validation patterns and clear error handling to support seamless user input experiences
- Lead and facilitate collaborative workshops to align stakeholders, gather insights, and drive decision-making
- Experience owning design work by leading projects or serving as the sole designer, balancing strategy, execution, and cross-functional collaboration
- Prior experience working in the civic tech space
- Experience working in a remote-team environment