Operations Engineer

The National Security Sector within Leidos is seeking a highly skilled DevSecOps Operations Lead with expertise in AWS serverless environments to oversee the secure, reliable, and scalable operation of cloud-native applications on the Catena program. This role requires strong leadership in integrating security practices across the development lifecycle, deep technical knowledge of AWS services (especially Lambda), and proven experience managing DevSecOps processes in highly regulated environments.

The DevSecOps Operations Lead will define and implement security, automation, monitoring, and compliance strategies, while guiding cross-functional teams to adopt best practices for cloud-native development and operations.

Primary Responsibilities:

• Lead the design and implementation of DevSecOps strategy for AWS Lambda and serverless-based applications.
• Oversee CI/CD pipelines and integrate automated security testing (SAST, DAST, dependency, and secrets scanning).
• Drive infrastructure as code (IaC) standards and ensure secure deployments using CloudFormation, CDK, or Terraform.
• Manage security posture by enforcing IAM least privilege, secrets management, and continuous compliance monitoring.
• Establish logging, monitoring, and observability strategies using CloudWatch, X-Ray, and centralized log analysis tools.
• Lead incident response and root cause analysis for operational or security issues.
• Collaborate with developers, architects, and security engineers to ensure shift-left security practices.
• Define and implement governance controls for AWS accounts, including tagging, cost management, and security policies.
• Mentor and guide DevOps and security engineers in modern serverless DevSecOps practices.

Basic Qualifications:

• Bachelor’s degree in Computer Science, Engineering, or related field with 8+ years of experience or a Master’s degree in Computer Science, Engineering, or related field with 6+ years of experience. Additional experience may be considered in lieu of a degree.
• US Citizenship; Ability to obtain a DoD Secret security clearance.
• 5+ years of experience in DevOps, Security Engineering, or Cloud Operations roles.
• 2+ years of leadership or team lead experience in DevSecOps or Cloud Security.
• Strong expertise in AWS services, including Lambda, API Gateway, IAM, S3, DynamoDB, Step Functions, VPC, KMS.
• Hands-on experience with CI/CD tools such as AWS CodePipeline, GitHub Actions, GitLab CI, or Jenkins.
• Proficiency in scripting/automation (Python, Bash, or PowerShell).
• Knowledge of IaC and IaC security tools (CloudFormation, Terraform, CDK, Checkov, tfsec, cfn-nag).
• Experience implementing logging/monitoring/alerting systems with CloudWatch, X-Ray, or ELK stack.
• Strong understanding of identity and access management, least privilege, and secrets management.
• Experience with deployment techniques to limit down-time (Blue/Green, Rolling, Canary)
• Experience with Agile process and framework to manage operational items and maintenance tasks such as security updates, patching, certificate/password rotations, etc.

Preferred Qualifications:

• Experience with multi-account AWS environments and governance using AWS Organizations, Control Tower, or SCPs.
• Knowledge of compliance frameworks (FedRAMP, NIST, SOC 2, CIS benchmarks) and experience with compliance automation.
• Familiarity with Zero Trust architecture for cloud-native applications.
• Background in chaos engineering or resilience testing for serverless workloads.
• Security certifications (AWS Certified Security Specialty, CISSP, CISM, or similar).
• AWS Professional-level certifications (Solutions Architect, DevOps Engineer).

EIO2024

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.