Senior Cloud Cybersecurity Infrastructure Engineer

The Defense Sector at Leidos has an opening for a Senior Cloud Cybersecurity Infrastructure Engineer supporting an Air Force & Navy Mission Planning program. This position will help manage underlying infrastructure for a cloud-based Next-generation Continuous Integration/Continuous Deployment (CI/CD) pipeline supporting 40+ developer teams across cutting-edge technology stacks.  You will be part of a team of engineers working in a DevSecOps environment, enabling rapid software development solutions while providing guidance on how to improve Air Force & Navy Mission Planning software.

Primary Responsibilities:

The successful candidate will have a passion for maintaining the cybersecurity posture of complex IT systems, and will be eager to learn new technologies and enjoy overcoming the challenges of the unknown. You will work in a peer-to-peer environment placing a high value on collaboration and team success. Day-to-day responsibilities will include implementation, maintenance, and troubleshooting of a complex and diverse cloud environment, to include:

• Providing Subject Matter Expertise for cloud Information Assurance on a variety of implementations.
• Securing high-availability systems via industry/DOD standards and best practices.
• Configuring & securing underlying Azure/AWS cloud resources for build, release & deployment pipelines.
• Supporting an enterprise CI/CD environment with multiple servers, operating systems and applications.
• Deploying, reviewing, patching & testing systems for adherence to build & security requirements.
• Resolving tickets and problem reports on specific technologies and hardware/software components, including COTS/GOTS products, from the system level to individual hardware/software components.
• Building and maintaining scripts for automation of tasks and server maintenance.
• Creating and maintaining accurate maintenance documentation for systems .

Basic Qualifications:

• U.S. Citizenship with an active Secret or higher clearance.
• Bachelor’s degree with 8+ years of experience or a Master’s degree with 6+ years of experience. Additional experience may be considered in lieu of a degree.
• Ability to obtain a CompTIA Security+ certification or minimum equivalent to meet DoD 8570 Compliance.
• 4+ years of Windows & Linux sys administration with 2+ years in an Azure/AWS cloud environment.
• Experience applying/debugging STIG settings/conflicts in Windows/Linux servers and hosted apps.
• Experience interpreting scanning tool outputs (Nessus, SCAP, Evaluate STIG, etc.) and remediating findings.
• Experience with system troubleshooting tools like top, iostat, vmstat, netstat, lvm, fdisk.
• Strong understanding of networking concepts such as OSI Model, LAN/WAN, IPv4/IPv6, subnetting, VLANs, edge services & point-to-point VPN setup within cloud environments.
• Experience working with identity management & authentication tools such as LDAP, SAML, and PKI.

Preferred Qualifications:

• Hands-on experience with Configuration Management tools such as Ansible, Chef, or Puppet.
• Hands-on experience with Trellix/McAfee ePO and product suite.
• Hands-on configuration and experience with SIEM tools (e.g., Splunk, Azure Log Analytics, QRadar, LogRhythm).
• Hands-on experience with Microsoft Active Directory (i.e., OU creation, Schema Changes, Security Groups).
• Hands-on experience with Microsoft Group Policy (i.e., Creating GPOs, GPO inheritance, Security Filtering).
• Virtualization experience (VMware vCenter, ESXi, KVM, Hyper-V).
• Experience with Docker container technologies and Docker container deployment technologies, such as Terraform, Kubernetes, OpenShift, Helm, EKS, AKS.
• Experience supporting Jenkins pipeline code building and analysis tools.
• Coding and/or scripting experience using Python, Powershell, Bash, or other tools.
• Atlassian Tools Suite experience (Bitbucket, Confluence, JIRA)
• Experience managing web servers such as IIS and Tomcat.
• Familiarity with F5 BIG-IP Authentication and SAML IdP/SP.
• Intermediate knowledge of MS SQL, PostgreSQL, and MySQL.
• Experience in designing and implementing VNet/VLAN ports, protocols and services settings to restrict communications across Cloud-native virtual networking boundaries.
• Experience managing projects and processes to achieve enterprise business improvement objectives.
• Experience hardening API Gateway and API Endpoints.
• Experience with backup and recovery of IT infrastructure.
• Experience as an Information Systems Security Officer or Engineer (ISSO or ISSE).
• Experience managing, interpreting, and updating Plans of Action and Milestones (POA&Ms).
• Experience developing cybersecurity policy related to cloud environments.
• Experience applying STIGs to containers.

DABAOPP1

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.