[Hiring] AWS Security Engineer @CACI International

Role Description

Join the MilMove Security team supporting mission-support defense logistics systems in an AWS GovCloud environment. Lead GitLab CI/CD security operations including SAST/DAST implementation and secure pipeline development. Drive Risk Management Framework (RMF) compliance activities and support Authorization to Operate (ATO) processes for DoD systems. Work with cutting-edge cloud security technologies and DevSecOps practices while maintaining DISA STIGs and NIST 800-53 compliance. Collaborate with cross-functional development and operations teams to embed security throughout the software development lifecycle.

• Design, implement, and maintain security controls for AWS GovCloud environments in accordance with DISA STIGs, NIST RMF, and FedRAMP requirements
• Lead SAST/DAST execution and runtime vulnerability assessments using GitLab tools
• Own security findings triage, remediation tracking, and verification across application portfolios
• Integrate and optimize GitLab security scanners (SAST, DAST, Dependency Scanning, Container Scanning, Secret Detection)
• Embed security controls into CI/CD pipelines and enforce secure development lifecycle practices
• Support the complete RMF accreditation lifecycle and development of artifacts required for Authorization to Operate (ATO)
• Implement and validate security controls in accordance with NIST 800-53, DISA STIGs, DFARS, and CMMC frameworks
• Assist the Information System Security Manager (ISSM) with security control implementation and continuous monitoring
• Develop and maintain Plans of Action and Milestones (POA&Ms) to remediate assessment findings
• Monitor and investigate alerts from security tools (AWS Security Hub, GuardDuty, GitLab security dashboards)
• Conduct incident response investigations using AWS CloudWatch and CloudTrail log analysis to determine root cause
• Participate in the full incident management lifecycle: identification, categorization, containment, eradication, recovery, and lessons learned
• Perform technical security assessments of computing environments to identify vulnerabilities and compliance gaps
• Review and update network diagrams, architecture documentation, and cloud security configurations
• Generate and review security architecture documentation, System Security Plans (SSPs), and compliance reports
• Serve as security engineering representative on cross-functional teams for design, development, and implementation of secure systems

Qualifications

• Bachelor's degree (BA/BS) in Computer Science, Cybersecurity, Information Systems, or related field (or equivalent experience)
• Minimum 2-5 years of hands-on cybersecurity or information assurance experience
• Active Secret security clearance
• Experience with AWS or AWS GovCloud, including dashboards, and security services
• Hands-on experience with GitLab CI/CD pipelines and security scanning tools
• Working knowledge of DISA STIGs, NIST RMF (800-53, 800-171), and security compliance frameworks
• Familiarity with security standards: CIS benchmarks, FIPS 140-2, DFARS, CMMC, FedRAMP
• Understanding of DevOps and Agile methodologies
• Strong written and verbal communication skills for technical documentation and stakeholder engagement
• Ability to work independently with limited supervision and solve complex security problems
• Security certifications: SecurityX, CASP+, CISSP, or equivalent

Requirements

• AWS Certifications: Cloud Practitioner, Solutions Architect Associate/Professional, or Security Specialty
• Experience with SAST and other application security testing tools
• Knowledge of secure software development lifecycle (SSDLC) practices
• Previous experience supporting federal government or DoD clients
• Understanding of Zero Trust Architecture principles

Benefits

• Comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits
• Flexible time off benefit
• Access to robust learning resources

Company Description

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.