Senior Cloud Cybersecurity Engineer in Rockville
Role details
Job location
Tech stack
Job description
Leidos has an exciting opening for you, our next Senior Cloud Cybersecurity Engineer, to play a critical role in the accreditation and operation of a state-of-the-art technology stack under the DOMEX Technology Platform (DTP) where we support our client's mission to centralize and standardize Tasking, Collection, Processing, Exploitation and Dissemination (TCPED) of Open Source Intelligence (OSINT) across the Defense and Intelligence Community enterprises. We leverage cloud-based computing, artificial intelligence (Al), machine learning (ML), and cross-domain transfer systems to provide cutting edge data exploitation, enrichment, triage, and analytics capabilities to the Defense Intelligence Enterprise., * Collect, review, assess, and provide feedback on system cybersecurity, architecture, and engineering artifacts
- Collect, review, assess, and provide feedback on system cybersecurity Body-of-Evidence (BOE) results required to support DoD & IC RMF cybersecurity authorization processes
- Conduct periodic compliance scanning, vulnerability assessments, and risk analysis for cloud-based systems
- Implement and manage security controls for containerized applications and the underlying cloud-based infrastructure
- Collaborate with DevSecOps, infrastructure, and software development teams to ensure secure coding and engineering practices
- Ensure integration of security measures into software development processes, CI/CD pipelines, and engineering tools
- Develop, maintain, and execute shell commands, scripts, and automation code for STIG compliance and validation
- Implement and manage continuous monitoring solutions of cloud-based architectures
- Support Government cybersecurity officials & program personnel in preparing cybersecurity packages, including Interim Authority to Test (IATT) packages, Authority to Operate (ATO) packages, and Change Requests (CRs)
- Stay current with emerging cloud security threats, technologies, and best practices
Requirements
- Clearance: Active or current Top Secret with SCI eligibility and the ability to obtain Polygraph
- Education & Experience: Bachelor's degree in Cybersecurity, Computer Science, Information Assurance, Engineering, or related technical discipline and 12-15 years of relevant experience OR Master's degree with 10-13 years of relevant experience. Additional years of experience may be considered in lieu of a degree. ISSO experience must be supplemented with demonstrated technical expertise.
- Certification: At least one DoD 8570.01-M IAT or IAM Level II or higher certification e.g., CCNA Security, CySA+, Security+ CE, CISSP (or Associate) and the ability to obtain Privileged User Account (PUA)/elevated access per DoD 8570 policy
To be successful in this role you will need:
- Hands-on experience with Linux operating systems and scripting such as Bash, Python, Perl or similar
- Experience with Commercial Cloud Services (C2S) and cloud-based enterprise services, preferably AWS
- Experience securing software applications and infrastructure by implementing security controls
- Experience supporting RMF processes such as authorization and continuous monitoring
- Experience with NIST SP 800-37, SP 800-53 Rev4 or Rev5, CNSSI 1253, and applicable DoDI publications
- Experience implementing and validating STIG compliance across operating system, database, server, and application tiers
- Experience with RMF/GRC platforms such as Xacta or eMASS
- Experience with performing compliance & vulnerability scans and related security tools for SIEM & event management, SAST, DAST
- Demonstrated understanding of unique security threats in the cloud and the required corresponding system security posture
- Demonstrated understanding of how to secure Kubernetes platforms and integrate security into CI/CD pipelines, containers, and platform orchestration tools.
You will wow us even more if you have these skills:
- Active TS/SCI with polygraph
- Experience supporting the Intelligence Community in RMF activities with ICD 503 and related compliance directives, policies, procedures
- Multiple IAT/IAM II or III advanced certifications such as:
- CISSP-ISSAP/ISSEP
- CISM
- CCSP
- Security X/CASP+
- Cloud certifications such as:
- AWS Solutions Architect
- AWS Security Specialty
- Kubernetes and Cloud Associate (KCNA)
- Certified Kubernetes Administrator (CKA)
- Certified Kubernetes Security Specialist (CKS)
- Linux certifications such as:
- Linux+
- Red Hat Certified System Administrator - Enterprise Linux (RHCSA)
- Red Hat Certified Engineer - Enterprise Linux (RHCE)
- Red Hat Certified Architect - Enterprise Linux (RHCA)
-
Prior network engineering experience with encryption and transport in the cloud
-
Experience applying DoW Zero Trust framework
-
Experience applying security controls to various AI implementations
-
Understanding of secure software development practices and code reviews in Agile and DevSecOps environments
-
NMECDTP-Leidos
Benefits & conditions
Through training, teamwork, and exposure to challenging technical work, let Leidos show how to accelerate your career path. At Leidos, we offer competitive benefits, including Paid Time Off, 11 paid Holidays, 401K with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, and much more. Join us and make a difference in Analysis Solutions Business Area!, Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.