Mid-Level Cloud Security Engineer - Secret Cleared, On-Site

Employment Type: Full Time Salary Exempt

Schedule: 8-hour workday;
Monday-Friday, Core working hours 9AM-3PM Eastern Time

Location: Onsite Washington D.C. (20006)

Employment Status: Must be a US Citizen

Education: BA/BS or higher preferred

Security Clearance: Active DoD Secret or higher

Language Requirement: Must be very fluent in written and spoken English

Industry: Federal Government Contracting

Trewon is seeking a highly skilled Mid-Level Cloud Security Engineer. Hands‑on experience using the Wiz Cloud Security Platform is a plus, but not a requirement.

This engineer will be responsible for onboarding systems into Wiz, managing cloud security posture, developing automated workflows, and supporting security operations across multi‑cloud environments.

The ideal candidate has strong technical expertise, outstanding communication skills, and the ability to work collaboratively with cybersecurity, cloud engineering, and ISSO/ISSM teams.

• Onboard new cloud resources and applications into the Wiz platform.
• Manage, configure, and optimize Wiz Cloud, Wiz Defend, and Wiz Code modules.
• Maintain connectors, API integrations, and service accounts for multi‑cloud environments (AWS, Azure, GCP).
• Interpret and triage Wiz findings, misconfigurations, toxic combinations, and vulnerability exposures.
• Develop and maintain security policies, rules, and automation playbooks within Wiz.

• Implement and maintain cloud security controls aligned with NIST 800‑53, RMF, and DoD/DoD requirements.
• Support vulnerability management, continuous monitoring, and threat remediation activities.
• Conduct architecture reviews, risk assessments, and secure configuration evaluations.
• Collaborate with Dev Ops teams on secure SDLC, CI/CD hardening, and IaC (Terraform/Cloud Formation) security.

• Configure and maintain Wiz integrations with tools such as Service Now, Splunk, MS Teams, Okta, Git Lab, Qualys, Tenable and other integrations as required.
• Support SSO configuration with Okta as Identity Provider.
• Develop custom API–based workflows and webhook automations for real‑time alerting and reporting.

• Produce clear written documentation, including SOPs, onboarding guides, and security reports.
• Communicate complex technical issues to non‑technical stakeholders.
• Coordinate with ISSO/ISSM teams and support ATO/continuous monitoring documentation requirements.

• U.S. Citizen with active Secret (or higher) security clearance.
• 2‑3 years of experience in cloud security, security engineering, or Dev Sec Ops .
• Experience with RMF, NIST 800‑53, and federal security compliance frameworks.
• Strong knowledge of AWS/Azure/GCP cloud architectures and security controls.
• Experience with API integrations, service accounts, and cloud‑native security tools.
• Proficiency in IaC, scripting (Python/Power Shell), and CI/CD pipelines.
• Excellent oral and written English communication skills.

• Hands‑on experience with the Wiz platform (Cloud, Defend, Code modules).
• Wiz Certification (Wiz Certified Cloud Security Practitioner or equivalent).
• Security‑related certifications such as Sec+, CCSP, AWS‑/Azure Security, CISSP (nice to have).
• Experience with SIEM/SOAR platforms (Splunk, Sentinel), vulnerability scanners (Qualys, Tenable).

Work Environment
:
On‑site, Monday‑Friday, Washington D.C.

Collaboration with Cloud Engineering, ISSO, and Cybersecurity Operations teams.

Opportunity to work on advanced cloud security programs within a federal environment.