Cloud Security Specialist (API)

Title: Cloud Security Specialist (API)Location: Washington, DCDuration: 6 monthsWork Authorisation: US CitizenJob Description:BACKGROUND:We are seeking a Senior Cloud Security Specialist to support the Security Engineering team within the IT division at the client location.This team is responsible for the strategy, design, deployment, and maintenance of effective security solutions in cloud, local, and hybrid environments.REQUIREMENTS:Required ExperienceExtensive REST API experience specifically in implementing, securing, automating, testing, and documenting API integrations.Strong understanding of resilient integration patterns including error handling, retry mechanisms, and monitoring strategiesProficient in scripting and automation languages for security orchestrationPreferred Qualifications:AWS Certified Security - Specialty (strongly preferred)AWS Certified Solutions Architect - Professional or AssociatePrefer experience with integrations between ServiceNow, Collibra, and SaviyntExperience implementing cloud-native serverless architectures and servicesExperience architecting and implementing security controls across public cloud platformsExperience implementing DevSecOps practices including continuous integration/deployment pipelines and infrastructure as code methodologiesExperience implementing cloud access security broker (CASB) solutions for SaaS application security and visibilityStrong understanding of security concepts and technologies related to Identity and Access Management (IAM), security engineering, network security design, security operations, security architecture, general engineering processes, cloud security, data loss protection, zero trust, DevSecOps and vulnerability management.Demonstrated federal experience and comprehensive knowledge in adopting and implementing federal cybersecurity requirements, including but not limited to the NIST Cybersecurity Framework, OMB Memorandum M-22-09, NIST SP 800-53Possess deep analytical, problem-solving, and troubleshooting experience, to independently resolve complex security challenges.Proven ability to provide technical security consultation and advisory services with a proactive approach to identifying potential issues, raising questions, and engaging in open dialogue with team members and stakeholders to ensure security objectives are met.The Contractor shall deliver, but not limited to, the following:API integration architecture document detailing out the integrations between cloud systems.Data model and attribute mapping across cloud systems.Automation scripts and orchestration (serverless functions, scheduled jobs, event handlers)Build resilient, secure API integrations between cloud applications in support of an end to-end data access management solution.Comprehensive testing and documentation of cloud integrationsSupport data loss prevention and cloud access security broker cloud initiativesWork across multiple teams as a Cloud Security Engineer SME to support security design, build, implementation, and monitoring of cloud platforms, applications, and tools.Offer technical consultation to cloud engineering teams on secure implementationsCreate or update security configuration guides and playbooks