Cloud Security Engineer (ISD Engineer IV)

Location: VA Vienna - Headquarters Full/Part Time: Full-Time Regular/Temporary: Regular

Job Description


You have goals, dreams, hobbies and things you’re passionate about.

What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.

Don’t take our word for it.

  • FORTUNE 100 Best Companies to Work For®
  • Computerworld® Best Places to Work in IT
  • FORTUNE® Best Workplaces for Millennials
  • Forbes® America’s Best Employers


Basic Purpose

The Cloud Security Engineer will be responsible for the design, development, and execution of large-scale cyber security cloud initiatives. Team leadership skills are a must in this role. This position requires a passionate and talented Cyber Security professional with problem-solving abilities and enterprise troubleshooting/testing/tuning skills who can work in a fast-paced environment.


•Be part of a team that designs, protects and manages security services for Navy Federal’s global security infrastructure.
•The Cloud Security Engineer will work closely with other internal and external teams to promote security best practices to support the build of a reliable, stable, high performance, core infrastructure platform to host highly critical cloud-based security systems. The Cloud Security Engineer will partner across multiple efforts to develop and drive the overall secure design, development and security maturity of Navy Federal’s core business and security infrastructure environment.
•Engineer and tune the cloud security solutions including but not limited to enrollments, monitoring, alerting and maintaining defined security posture.
•Implement, develop and integrate cloud based proxy, data loss prevention (DLP), digital rights management (DRM), Splunk.
•Engage in technical design of solutions based on use cases and business requirements.
•Participate in proof of concepts and other technical evaluations of technologies, designs and solutions and provide recommendations.
•Stay abreast of emerging technologies, cloud security best practices, frameworks and threats to proactively assess and evaluate secure solutions adoption.


•Bachelor's Degree in Information Technology or the equivalent combination of training, education, and experience.
•5+ years of total experience in Cyber Security engineering, cloud architecture, tuning, cloud governance and security controls.
•3+ years of direct hands-on experience in tuning of network sensors, such as IDS/IPS, DDOS, cloud security services.
•Domain expertise of network security sensors such as IDS (Suricata), cloud security access broker, Virtual Network security, DDOS protections, DNS, etc.
•Detailed understanding of Virtual Network Technologies Routers, switches, Load Balancers, firewalls, proxy, etc.
•Good understanding and exposure to Cloud standards, architecture and models.
•Detailed proficiency with Linux (or similar) operating systems.
•In depth understanding of TCP/UDP/ICMP/IP protocols.
•Experience with PKI, SSL, SSH, HTTPS, etc.
•Knowledge of RESTful / micro web services (client – server application) and Publish/Subscribe event driven messaging services.
•Experience with of Automation frameworks, DevSecOps best practices, etc.
•Software development domain and principles, including design patterns, code structure, programming languages, continuous integration (Git), continuous deployment (Travis/Jenkins), and deployment orchestration (Chef, puppet, or equivalent).
•Experience with network protocols and deep packet inspection.
•Proven experience delivering large scale, highly available security solutions.
•Experience with major cloud providers such as Azure, AWS, Oracle Cloud, etc.
•Relevant security certifications such as OSCP, ISC2 CISSP, SANS, CEH, etc. are a major plus.
•System admin - Red Hat Linux/Unix, Windows – Experience and knowledge is desired.
•Knowledge of micro services, kubernetes, docker etc. is desired.

Hours: Monday - Friday, 8:00am - 4:30pm

Location: 820 Follin Lane, Vienna, VA 22180

*Due to COVID-19 and social distancing, this position will be temporarily working from home with plans to return to campus at the desired location listed once Navy Federal is back to normal operations. The specific logistics for returning to campus will be determined at a future date by individual leadership* 

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace.  Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans.  EOE/AA/M/F/Veteran/Disability


Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need.
An assessment may be required to compete for this position.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.


Employee Referrals

This position is eligible for the TalentQuest employee referral program. Please indicate the employee who referred you when applying.