AWS Security Engineer

About Peraton

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Program Overview

About The Role

We are seeking an experienced AWS Security Engineer to ensure the security, compliance, and protection of our cloud-based infrastructure. The ideal candidate will have strong hands-on experience with AWS security services, cloud risk assessments, incident response, and continuous security monitoring. This role collaborates closely with Cloud Engineering, DevOps, and Application teams to maintain a secure, compliant, and resilient cloud environment.

What you will do:

• Lead and support vulnerability scanning and remediation efforts for cloud resources
• Manage IAM roles/policies, identity federation, encryption, KMS, and secrets management
• Provision and manage AWS infrastructure using Infrastructure as Code (IaC) tools such as Terraform
• Develop custom scripts for CloudWatch metrics and alarms based on application-specific probes
• Implement alerting and automated remediation workflows
• Assist with incident response, investigations, and root cause analysis of cloud security events
• Develop and maintain security architecture documentation, runbooks, and procedures
• Conduct AWS security posture assessments using automated tools
• Monitor and maintain AWS security controls using cloud-native detection and monitoring tools
• Partner with DevOps and engineering teams to embed security best practices into CI/CD pipelines and IaC
• Implement and enhance AWS security controls, guardrails, and baseline configurations
• Continuously evaluate AWS environments for cost-effective security improvements
• Conduct threat modeling, vulnerability analysis, and remediation coordination
• Support internal and external audits by gathering evidence and preparing documentation
• Maintain compliance with NIST, FISMA, and FedRAMP requirements
• Assist in risk assessments and security control testing
• Support change control processes and ensure accurate system/process documentation
• Evaluate emerging cloud security tools and recommend improvements
• Participate in on-call rotations to support 24/7 production systems

Qualifications

Required Qualifications:

• Bachelor's degree and 8 years or 6 years with a Master's degree.
• Proficiency with Python and Bash scripting
• Hands-on experience with ECS, EKS, EC2, and Lambda
• Strong experience with Git and CI/CD pipelines
• Advanced Terraform skills, including modules, variables, and workspaces
• Deep knowledge of AWS security services: IAM, KMS, GuardDuty, Security Hub, CloudTrail, Config Rules
• Ability to conduct IAM policy/permissions audits and enforce least privilege
• Skilled at interpreting access logs, cloud configurations, and IAM policies
• Excellent written and verbal communication skills
• Strong analytical and problem-solving abilities
• Must be a U.S. Citizen
• Must be able to obtain and maintain the required Agency clearance

Preferred Qualifications:

• AWS certifications such as Cloud Practitioner or Security Specialty
• Security compliance or audit certifications (e.g., CISA, Security+, etc.)

Key skills/competency

• Cloud Security
• AWS Services
• IAM Management
• Infrastructure as Code (IaC)
• Vulnerability Management
• Incident Response
• Compliance (NIST, FISMA, FedRAMP)
• CI/CD Security
• Python Scripting
• Terraform