About This Role
Who We Are:
CAE Vision: Our vision is to be the worldwide partner of choice in defense and security, and civil aviation by revolutionizing our customers’ training and critical operations with digitally immersive solutions to elevate safety, efficiency and readiness.
CAE Defense & Security Mission: CAE's Defense and Security business unit focuses on helping prepare military customers to develop and maintain the highest levels of mission readiness.
CAE Values: Empowerment, Innovation, Excellence, Integrity and OneCAE make us who we are and we strive to make a difference in the world while helping each other succeed.
What We Have to Offer:
Comprehensive and competitive benefits package and flexibility that promotes work-life balance
A work environment where all employees are valued, respected and safe
Freedom to succeed by enabling team members to deliver, take initiatives and make decisions
Recognition, professional development, advancement and having fun!
SUMMARY
The Cloud Infrastructure and Security Engineer is responsible for designing, implementing, and
maintaining secure cloud and on-premises IT environments. This role ensures the stability,
security, and scalability of cloud services, network systems, and cybersecurity defenses while
adhering to industry best practices and compliance requirements. This position works with others
in IT to ensure systems are operational and provides end user support when needed.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Reasonable accommodations may be made to enable individuals with disabilities to perform the
essential functions.
Design, deploy, and manage secure cloud environments (Air Force SharePoint, CloudOne, AWS)
while ensuring compliance with security frameworks (NIST, ISO 27001, FedRAMP).
Administer systems connected to NIPR network and ensure secure standards are enforced
Configure and maintain Identity and Access Management (IAM), Multi-Factor Authentication (MFA),
and Role-Based Access Control (RBAC) policies for cloud and on-prem systems.
Implement and monitor security controls, including intrusion detection/prevention systems
(IDS/IPS), Security Information and Event Management (SIEM), and endpoint protection solutions.
Perform vulnerability assessments and penetration testing to identify and mitigate security risks.
Manage networking infrastructure, including firewalls, VPNs, and load balancers, ensuring secure
connectivity between cloud and on-prem environments.
Conduct regular security audits, risk assessments, and disaster recovery planning for IT systems.
Develop and maintain security incident response plans, ensuring rapid detection and mitigation of
cyber threats.
Stay up to date with emerging cloud security threats, vulnerabilities, and best practices.
Provide technical guidance and training on cloud security best practices to internal teams.
Monitors usage of system.
Ensures Scheduled Backup Procedures, Non-Scheduled Backup Procedures, and Types of Backup
Media (Initialization Procedures, Label Documentation, Storage Locations (onsite/offsite), testing
backups) are in place and functional.
Conduct information security vulnerability scanning using the DoD’s Assured Compliance Assessment Solution (ACAS) (Tenable Security Center and Nessus Software)
Produce information security vulnerability scanning reports and develop Plans of Action and Milestones (POA&Ms) to resolve information security vulnerabilities
Install, test, configure, maintain and upgrade the computing and networking environment (CE/NE) operating systems, applications, software, hardware and network infrastructure components to comply with cybersecurity requirements (Security Technical Implementation Guides (STIG), Security Requirements Guides (SRG) and NIST best practices)
Implement and continuously monitor established technical security controls for CE/NE in accordance with information security plans, procedures and work methods
Develop compensating controls for information security deficiencies
Assist with developing or updating of Information Security related plans, procedures, work methods and documentation (such as network topology, hardware/software lists)
Other duties as assigned
QUALIFICATIONS AND EDUCATION REQUIREMENTS
Bachelor’s Degree in Management Information Systems, Computer Science, Information Technology or related field and 5+ years of experience in Information Technology or a combination of education and related experience.
Information Assurance Technician (IAT) Level III certified or capable of obtaining the certification within six (6) months of the completion of the probationary period.
Cloud Expertise: Experience with AWS, Azure, or Google Cloud security and infrastructure management.
Networking & Security: In-depth knowledge of firewalls, VPNs, IDS/IPS, SIEM, and endpoint security solutions.
Compliance & Frameworks: Understanding of NIST, CIS, ISO 27001, FedRAMP, and other regulatory security frameworks.
Incident Response & Monitoring: Familiarity with tools like Splunk, Sentinel, or CrowdStrike for threat detection and mitigation.
Operating Systems: Proficiency in Linux and Windows server administration.
Strong Analytical Skills: Ability to assess risks, troubleshoot security issues, and implement effective solutions.
Experience in a host and client/server, telecommunications and network migration and development, desktop computing, information system integration, hardware/software evaluation, information engineering and process reengineering methodologies are required.
Proven telecommunications and network analysis, design, implementation, tuning, and maintenance required.
Thorough understanding of large scale storage technology (SAN, NAS, Fiber channel, Tiered storage, zoning, LUNs, security, replication, backup)
Must be proficient in Ethernet protocols, and protocol analysis · Excellent Communication: Ability to articulate technical security concepts to non-tech
Must be able to effectively deliver oral presentations to management and customers
Must be able to work independently, with minimal supervision
Must be able to work overtime as required. · Must be willing to work any shift or day of the week as required.
Understanding of military protocols and customs is essential
Must be eligible for DoD Personnel Security Clearance.
CERTIFICATES, LICENSES, REGISTRATIONS
DoD 8570 approved baseline certification IAT Level III (at least one required) – CASP, CCNP Security, CISA, CISSP, GCED, GCIH · Preferred optional - AWS Cloud Practitioner, AWS Solutions Architect, AWS Security – Specialty, CCSP, GCSA, GSEC, CEH, CompTIA Cloud+
LANGUAGE SKILLS
Must have the ability to read, analyze, and interpret the most complex documents. Will be required to respond effectively to sensitive inquiries and complaints. Must be able to generate effective oral and written presentations and proposals on complex subjects.
MATHEMATICAL SKILLS
Must be able to calculate figures and amounts, prices, commissions, and percentages, and to draw and interpret graphs.
REASONING ABILITY
Must be able to define problems, collect data, establish facts, and draw valid conclusions. An ability to interpret complex customer requirements and attitudes from verbal, non-verbal, and written communication is desirable.
SECURITY RESPONSIBILITIES
Must comply with all company security and data protection / usage policies and procedures. Personally responsible for proper marking and handling of all information and materials, in any form. Shall not divulge any information, or afford access, to other employees not having a need-to-know. Shall not divulge information outside company without management approval. All government and proprietary information will be accessed and stored electronically on company provided resources.
WORK ENVIRONMENT AND PHYSICAL DEMANDS
· Work in a regular office environment; communicate via personal computer, telephone and fax.
Domestic and international travel as required.
Must be able to walk and/or climb stairs and ladder into a simulator or airplane cockpit. ·
Must be able to detect odors or hear noises, bangs, etc., or other sounds to detect problems or flaws in the functioning of simulators and its surrounding environment.
OTHER DUTIES
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for their job. Duties, responsibilities, and activities may change at any time with or without notice.
CAE USA Inc. is an equal opportunity employer, and all qualified applicants will be considered for employment without regard to any protected characteristic, including disability and protected veteran status, as defined under federal, state, or local laws.
Applicants needing reasonable accommodations should contact their recruiter at any point in the recruitment process. If you need assistance to submit your application because of incompatible assistive technology or a disability, please contact us at hrops@caemilusa.com
Position Type
RegularCAE thanks all applicants for their interest. However, only those whose background and experience match the requirements of the role will be contacted.
CAE is an equal opportunity employer committed to providing equal employment opportunities to all applicants and employees without regard to race, color, national origin, age, religion, sex, disability status, protected veteran status, or any other characteristic protected by federal, state or local laws. At CAE, everyone is welcome to contribute to our success. Applicants needing reasonable accommodations should contact their recruiter at any point in the recruitment process. If you need assistance to submit your application because of incompatible assistive technology or a disability, please contact us at CAECarrieres-Careers@cae.com.