Senior Cloud Security Specialist (API)

Senior Cloud Security Specialist (API)

Custom Software Systems, Inc. (CSS) is seeking a highly skilled Senior Cloud Security Specialist (API) to support a critical data access management initiative within the Security Engineering team supporting our client. This role is ideal for a hands-on security expert with deep experience in cloud platforms and secure REST API integrations, who can design, build, and implement resilient, secure connections across complex cloud environments.

The selected candidate will play a key role in strengthening enterprise security by developing and integrating modern, scalable solutions that support identity, access, and data protection across cloud, on-premise, and hybrid systems. This position requires both technical depth and strategic insight, working closely with engineering teams, architects, and stakeholders to deliver secure, high-performing integrations that align with federal cybersecurity standards.

Responsibilities

• Provide technical expertise and support to customers, IT management, and staff in cloud security threat risk assessments, development, testing, and the implementation and operation of appropriate information security plans, procedures, and controls techniques designed to prevent, minimize, or quickly recover from cyber-attacks or other serious cloud events.
• Develop and maintain security architecture artifacts (e.g., models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
• API integration architecture document detailing the integrations between the cloud systems.
• Data model and attribute mapping across cloud systems.
• Automation scripts and orchestration (serverless functions, scheduled jobs, event handlers).
• Build resilient, secure API integrations between cloud applications in support of an end-to-end data access management solution.
• Comprehensive testing and documentation of cloud integrations.
• Support data loss prevention and cloud access security broker cloud initiatives.
• Work across multiple teams as a Cloud Security Engineer SME to support security design, build, implementation, and monitoring of cloud platforms, applications, and tools.
• Offer technical consultation to cloud engineering teams on secure implementations.
• Create or update security configuration guides and playbooks.
• Serves as a cloud security expert, integrating sound practices from Identity and Access management, monitoring, platform standards, network segmentation and interconnection, encryption, and more into the cloud platforms.
• Work with Enterprise Architects, other functional area architects, and security specialists to ensure adequate security solutions.

Required Qualifications

• Minimum of six (6) years' experience in cybersecurity, including cloud security, compliance, and risk management, with a background in system and network security engineering.
• Minimum of six (6) years' experience on any Cloud Platform (AWS, Azure, Google, others).
• Minimum of five (5) years of experience in information security or related IT experience.
• Extensive REST API experience, specifically in implementing, securing, automating, testing, and documenting API integrations.
• Strong understanding of resilient integration patterns, including error handling, retry mechanisms, and monitoring strategies.
• Proficient in scripting and automation languages for security orchestration.
• Broad knowledge of information systems such as Windows security, network security, systems development, communication networks, security software/hardware, and operating systems.

Knowledge, Skills & Abilities

• Broad knowledge of information systems such as Windows security, network security, systems development, communication networks, security software/hardware, and operating systems.

Certificates

• AWS Certified Security - Specialty (strongly preferred).
• AWS Certified Solutions Architect - Professional or Associate (strongly preferred).
• At least one of the following certifications preferred: CompTIA Security+, Certificate of Cloud Security Knowledge (CCSK), Professional Cloud Architect, Professional Cloud Security Engineer, Certified Cloud Security Professional (CCSP), CISSP, CISM, CISC, Certified Ethical Hacker (CEH).

Education

• Bachelor's degree in Information Security, Computer Science, Management of Information Systems, or related field required

Preferred Qualifications

• Prefer experience with integrations between ServiceNow, Collibra, and Saviynt
• Experience implementing cloud-native serverless architectures and services
• Experience in architecting and implementing security controls across public cloud platforms
• Experience implementing DevSecOps practices, including continuous integration/deployment pipelines and infrastructure as code methodologies
• Experience implementing cloud access security broker (CASB) solutions for SaaS application security and visibility
• Strong understanding of security concepts and technologies related to Identity and Access Management (IAM), security engineering, network security design, security operations, security architecture, general engineering processes, cloud security, data loss protection, zero trust, DevSecOps, and vulnerability management.
• Demonstrated federal experience and comprehensive knowledge in adopting and implementing federal cybersecurity requirements, including but not limited to the NIST Cybersecurity Framework, OMB Memorandum M-22-09, NIST SP 800-53
• Possess deep analytical, problem-solving, and troubleshooting experience to independently resolve complex security challenges.
• Proven ability to provide technical security consultation and advisory services with a proactive approach to identifying potential issues, raising questions, and engaging in open dialogue with team members and stakeholders to ensure security objectives are met.

Compensation & Benefits

• Wage Range: Negotiable
• General Benefits: Custom Software Systems, Inc. offers our employees a competitive benefits package that may include:
• Health insurance plans
• Health Savings Account (HSA)
• Dental
• Vision
• Long-term disability
• Short-term disability
• Basic term life insurance
• Supplemental term life insurance for employees, spouses, and dependents
• Simple IRA
• Parking/Commuting expense reimbursement
• Training/Education
• Compensation range must be coordinated with and approved by the CSS Chief Operating Officer (COO).
• Compensation & Benefits information is required for all Maryland Employers effective October 1, 2024.