As a member of the stackArmor– Cloud Security Operations and Continuous Monitoring team, your work will revolve around monitoring, analyzing, and responding to critical security events within a client’s AWS-based hosting environments in compliance with FedRAMP, FISMA/RMF, and CMMC requirements.

This includes:

  • Understanding common attack patterns and threat profiles using well-known frameworks such as MITRE ATT@CK amongst others
  • Developing playbooks, algorithms, and incident response processes for preventing, detecting, and responding to security events
  • Implementing monitoring, analysis, and response procedures and helping the wider team learn and acquire security analysis and threat hunting skills

As a member of the continuous monitoring and security team, your specific responsibilities in contributing to these deliveries will consist of the following:

  • Hardening of systems in compliance with DISA STIG and CIS benchmarks
  • Monitoring AWS-based systems for security events, anomalies, and threats.
  • Analyzing network traffic, logs, and system events using common industry tools including but not limited to Palo Alto Networks, Splunk, Burpsuite, custom bots, Nessus Tenable, TrendMicro, McAfee amongst others
  • Implement detection and analysis models for common AWS services including IAM, EC2, EBS, S3, and associated security services such as Cloudtrail, Security Hub, Config and Cloudwatch
  • Develop and activate incident response protocol based on NIST standards including response, remediation, and recovery
  • Perform threat hunting, pro-active modeling, and continuous improvement of detection and response protocols
  • Deliver well-written action reports, incident response actions and assist with client communications
  • Continuous professional development in maintaining industry-specific certifications, building and maintaining a strong depth of knowledge in the practice area.

Expected Work Experience

  • BS or above in related Information Technology field or equivalent combination of education and experience.
  • Deep security monitoring, incident response, and threat hunting experience on cloud services.
  • Demonstrated hands-on experience with security tools and technologies as well as industry best practices e.g. MITRE ATT@CK framework.
  • Effective documentation skills, including technical diagrams and written descriptions.
  • Ability to work independently and as part of a team with a professional attitude and demeanor.
  • Critical thinking, and ability to balance security requirements with mission needs.
  • Ability to work quickly, efficiently, and accurately in a dynamic and fluid environment.
  • Enthusiastic about emerging technology, actively participating in the technical community, including contribution to user groups, presentations, and marketing materials.

Required Qualifications

  • Must be a U.S. Citizen and eligible for a secret clearance
  • Demonstrated experience with advanced security operations experience in a SOC delivering services in compliance with NIST based policies, procedures, and plans
  • Strong written and verbal communication skills including the ability to explain technical matters to non-technical audiences
  • Understanding of AWS and other cloud technologies
  • Demonstrated experience and understanding of networks, data flows, permissions, and tools including e.g. TCP-IP, VPN, Firewalls, Zero-Trust Architectures
  • Experience with penetration testing, vulnerability assessments, and supporting or interacting with Red Teams
  • Ability to assist team members with proper artifact collection and detail to client’s examples of artifacts to satisfy assessment requirements
  • Industry recognized certifications such as GCIA, GCIH, Network+, Security+, or other related certifications

Job Type: Full-time


  • 401(k)
  • Dental insurance
  • Health insurance
  • Paid time off
  • Professional development assistance
  • Vision insurance


  • 8-hour shift


  • Bachelor’s (Preferred)

To apply, submit your application on Indeed or send us an email at