Cloud Security Engineer

About the role

We are seeking a Cloud Security Engineer to design, implement, maintain, and optimize secure cloud environments supporting U.S. government, DoD, and intelligence community missions. This role plays a critical part in protecting classified and sensitive data in AWS, Azure, and hybrid/multi-cloud infrastructures while ensuring full compliance with federal standards such as NIST 800-53, FedRAMP, RMF, and DoD Impact Levels (IL-4/IL-5). The candidate must hold an active Secret clearance (TS/SCI preferred) and bring hands-on experience securing cloud platforms in regulated environments. This role will help the organization meet industry standards such as SOC2, ISO 27001, PCI-DSS, GDPR/CCPA, or other relevant compliance frameworks.

Responsibilities

• Design and implement secure cloud architectures and configurations across AWS GovCloud, Azure, and/or Google Cloud, applying best practices for least privilege encryption, network segmentation, and data protection.
• Implement and maintain cloud security frameworks, ensuring ongoing compliance with NIST 800-53 Rev. 5, FedRAMP, DoD IL-2/4/5, RMF, and Secure Cloud Computing Architecture (SCCA) requirements.
• Configure and manage Identity and Access Management (IAM), Role-Based Access Control (RBAC), Just-In-Time (JIT) access, Key Vaults, and Zero Trust Architecture (ZTA) principles across cloud environments.
• Engineer, deploy, and optimize cloud-native security tools, including Microsoft Defender for Cloud, Azure Sentinel, AWS GovCloud security services, CSPM/CWPP solutions, and SIEM (Elastic) platforms for threat detection, monitoring, and response.
• Conduct vulnerability assessments, penetration testing simulations, security configuration reviews (against STIGs, CIS benchmarks, and NIST controls), and continuous
• monitoring of cloud resources.
• Develop, maintain, and update System Security Plans (SSP), Security Assessment Reports (SAR), Plans of Action & Milestones (POA&M), and risk/compliance reporting for cloud-based operations.
• Identify, analyze, and respond to Indicators of Compromise (IoCs), threat intelligence, and security incidents within cloud environments; perform root-cause analysis and implement preventive controls.
• Perform periodic security reviews and audits of cloud environments (Azure, AWS, hybrid) to ensure sustained compliance, mitigate evolving threats, and update policies/procedures.
• Collaborate with DevSecOps, infrastructure, and development teams to integrate security into CI/CD pipelines, automate security controls, and support secure cloud migrations or
• modernization initiatives.
• Assess current cloud architectures, propose security improvements, review designs through a security lens, and serve as a subject-matter expert on cloud security tools,
• processes, and best practices.
• Coordinate with configuration management teams to ensure hardware/software changes adhere to security protocols, maintain version control, and support documentation of the cyber terrain.
• Develop, enforce, and maintain cloud security policies, standards, and automated guardrails to support secure CI/CD pipelines and infrastructure-as-code (IaC) practices (e.g., using Terraform, CloudFormation).
• Monitor cloud environments for security incidents, investigate alerts, perform root-cause analysis, and coordinate incident response activities.
• Identify emerging threats and recommend proactive improvements to cloud security posture, including automation of security controls and processes.
• Provide guidance and training to engineering teams on secure cloud design patterns and best practices.
• Ability to be on-site 5 days a week at our office Playa Vista.

Requirements

• Security Clearance: Active U.S. Secret clearance required (TS/SCI)
• Must be a U.S. citizen.
• Education: Bachelor's degree in Cybersecurity, Information Assurance, Computer Science, or a related field (or 5+ years equivalent professional experience in cloud security engineering)
• Experience: 5-9+ years in cloud security engineering, with hands-on work in AWS GovCloud, Azure, Google GCP, or multi-cloud environments.
• Strong analytical, problem

Additional Information

Spacecraft represent the most pressing unmet need across the entire aerospace industry. As more launch vehicles come online and the cost to orbit decreases, more companies launching payloads to space continue to emerge. For the first time in history, this influx of payload companies combined with reduced launch costs has resulted in a massive increase in need for commercial spacecraft platforms, known as satellite buses. These buses hold the payloads of our customers and are flown on launch vehicles. Apex manufactures these satellite buses at scale using a combination of software, vertical integration, and hardware that is designed for manufacturing. Our spacecraft enable the future of society: ranging from earth observation to communications and more. We'd love for you to join us on our mission of providing humankind access to the galaxy beyond our planet.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at apex-technology-inc? Share your experience