Senior Cloud Cybersecurity Engineer

Description

Leidos has an exciting opening for you, our next Senior Cloud Cybersecurity Engineer , to play a critical role in the accreditation and operation of a state-of-the-art technology stack under the DOMEX Technology Platform (DTP) where we support our clients mission to centralize and standardize Tasking, Collection, Processing, Exploitation and Dissemination (TCPED) of Open Source Intelligence (OSINT) across the Defense and Intelligence Community enterprises. We leverage cloud-based computing, artificial intelligence (Al), machine learning (ML), and cross-domain transfer systems to provide cutting edge data exploitation, enrichment, triage, and analytics capabilities to the Defense Intelligence Enterprise.

Through training, teamwork, and exposure to challenging technical work, let Leidos show how to accelerate your career path. At Leidos , we offer competitive benefits , including Paid Time Off, 11 paid Holidays, 401K with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, and much more. Join us and make a difference in Analysis Solutions Business Area!

Key Responsibilities include:

• Collect, review, assess, and provide feedback on system cybersecurity, architecture, and engineering artifacts
• Collect, review, assess, and provide feedback on system cybersecurity Body-of-Evidence (BOE) results required to support DoD & IC RMF cybersecurity authorization processes
• Conduct periodic compliance scanning, vulnerability assessments, and risk analysis for cloud-based systems
• Implement and manage security controls for containerized applications and the underlying cloud-based infrastructure
• Collaborate with DevSecOps, infrastructure, and software development teams to ensure secure coding and engineering practices
• Ensure integration of security measures into software development processes, CI/CD pipelines, and engineering tools
• Develop, maintain, and execute shell commands, scripts, and automation code for STIG compliance and validation
• Implement and manage continuous monitoring solutions of cloud-based architectures
• Support Government cybersecurity officials & program personnel in preparing cybersecurity packages, including Interim Authority to Test (IATT) packages, Authority to Operate (ATO) packages, and Change Requests (CRs)
• Stay current with emerging cloud security threats, technologies, and best practices

Basic Qualifications:

• Clearance: Active or current Top Secret with SCI eligibility and the ability to obtain Polygraph
• Education & Experience: Bachelors degree in Cybersecurity, Computer Science, Information Assurance, Engineering, or related technical discipline and 12-15 years of relevant experience OR Masters degree with 10-13 years of relevant experience. Additional years of experience may be considered in lieu of a degree. ISSO experience must be supplemented with demonstrated technical expertise.
• Certification: At least one DoD 8570.01-M IAT or IAM Level II or higher certification e.g., CCNA Security, CySA+, Security+ CE, CISSP (or Associate) and the ability to obtain Privileged User Account (PUA)/elevated access per DoD 8570 policy
  

To be successful in this role you will need:

• Hands-on experience with Linux operating systems and scripting languages such as Bash, Python, Perl or similar
• Experience with Commercial Cloud Services (C2S) and cloud-based enterprise services, preferably AWS
• Experience securing software applications and infrastructure by implementing security controls
• Experience supporting RMF processes such as authorization and continuous monitoring
• Experience with NIST SP 800-37, SP 800-53 Rev4 or Rev5, CNSSI 1253, and applicable DoDI publications
• Experience implementing and validating STIG compliance across operating system, database, server, and application tiers
• Experience with RMF/GRC platforms such as Xacta or eMASS
• Experience with performing compliance & vulnerability scans and related security tools for SIEM & event management, SAST, DAST
• Demonstrated understanding of unique security threats in the cloud and the required corresponding system security posture
• Demonstrated understanding of how to secure Kubernetes platforms and integrate security into CI/CD pipelines, containers, and platform orchestration tools.

You will wow us even more if you have these skills:

• Active TS/SCI with polygraph
• Experience supporting the Intelligence Community in RMF activities with ICD 503 and related compliance directives, policies, procedures
• Multiple IAT/IAM II or III advanced certifications such as:
  • CISSP-ISSAP/ISSEP
  • CISM
  • CCSP
  • Security X/CASP+
• Cloud certifications such as:
  • AWS Solutions Architect
  • AWS Security Specialty
  • Kubernetes and Cloud Native Associate (KCNA)
  • Certified Kubernetes Administrator (CKA)
  • Certified Kubernetes Security Specialist (CKS)
• Linux certifications such as:
  • Linux+
  • Red Hat Certified System Administrator - Enterprise Linux (RHCSA)
  • Red Hat Certified Engineer - Enterprise Linux (RHCE)
  • Red Hat Certified Architect - Enterprise Linux (RHCA)
• Prior network engineering experience with encryption and transport in the cloud
• Experience applying DoW Zero Trust framework
• Experience applying security controls to various AI implementations
• Understanding of secure software development practices and code reviews in Agile and DevSecOps environments

• NMECDTP-Leidos

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 and moving faster than anyone else dares.

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .

Securing Your Data

Beware of fake employment opportunities using Leidos name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at ... .

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.