AWS Security Engineer

CMT Services Inc. is a dynamic and small business supporting Federal, State, and Local government agencies. As an SBA-certified HUBZone, Woman Owned Small Business (WOSB), we deliver quality, professional services to support the missions and strategic business goals of our clients.

AWS Security Engineer

University of Maryland Global Campus
3501 University Blvd. East
Adelphi, MD 20783

1 year
40 hours per week (no overtime).

The AWS Security Engineer will support UMGC by ensuring the security of its AWS cloud infrastructure and applications. The resource will design, implement, and maintain security controls, conduct assessments, and provide ongoing monitoring and response. The contractor will collaborate with cross-functional teams to embed security best practices and lead initiatives to strengthen the organization’s cloud security posture. This resource reports to the Manager, Information Security.

• Design, implement, and manage AWS cloud security controls (IAM, VPC, S3, KMS, Guard Duty, Cloud Trail, Security Hub).
• Conduct vulnerability assessments, penetration testing, and risk analyses; recommend and implement mitigations.
• Monitor and respond to security events; support incident response and forensic investigations.
• Automate security processes and integrate security tools into CI/CD pipelines.
• Develop and maintain AWS security policies, procedures, and documentation.
• Train engineers on secure coding practices and AWS security standards.
• Lead AWS-focused security roadmap projects and ensure compliance with frameworks (e.g., NIST, ISO 27001, ITIL, COBIT).
• Collaborate with IT, engineering, and vendors to ensure secure design, deployment, and operations.

• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
• 3+ years AWS security engineering experience with deep knowledge of AWS services (IAM, VPC, KMS, Guard Duty, Cloud Trail, Security Hub, etc.).
• AWS Security or Architect certifications preferred.
• Experience with cloud security principles (network segmentation, IAM, encryption, monitoring).
• Proficiency with scripting/automation (Python, Power Shell, etc.).
• Strong background in vulnerability management, incident response, and security assessments.
• Knowledge of compliance frameworks (PCI, GDPR, GLBA, CMMC, etc.).
• Familiarity with secure software development lifecycle, code reviews, and API security.
• Strong problem-solving, analytical, and communication skills.
• Ability to work independently, lead initiatives, and mentor others when needed.