Cloud7Works, Inc. is a small business federal IT contractor specializing in cloud modernization and cybersecurity. The Security Engineer will be responsible for monitoring platform health, responding to incidents, and supporting compliance efforts in a federal environment.
Responsibilities:
- Perform continuous monitoring of platform health and security telemetry; identify and escalate anomalous events
- Triage alerts and support first-line incident response using established runbooks and escalation procedures
- Conduct log analysis and auditing across SIEM tooling (Splunk or equivalent)
- Run scheduled and ad-hoc vulnerability scans; track findings through remediation and validate closure
- Support monthly user access and entitlement reviews; flag stale credentials and access anomalies
- Gather audit evidence and help maintain compliance artifacts aligned to NIST 800-53
- Maintain accurate operational documentation, tickets, and shift/turnover records
- Support senior staff during audits, assessments, and continuous-monitoring cycles
Requirements:
- 2+ years in security operations, SOC monitoring, or a comparable security analyst role
- Bachelor's degree in a technical or related field (or equivalent experience)
- CompTIA Security+ (or equivalent baseline certification)
- Hands-on experience with SIEM monitoring, log analysis, and vulnerability-scan tooling
- Working knowledge of NIST 800-53 / RMF concepts
- Strong attention to detail and a documentation-first mindset
- Experience in security operations and incident response
- Proficiency in SIEM tools and log analysis
- Knowledge of compliance frameworks and security standards
- Experience in a FedRAMP (Moderate or High) or other federal security environment
- Exposure to AWS security services (GuardDuty, Security Hub, Inspector) and/or Databricks platform monitoring
- Familiarity with POA&M workflows and RMF assessment artifacts (SSP/SAR)
- Experience with ticketing/GRC tools (ServiceNow, JIRA)
- CySA+ or similar analyst-level certification