Cybersecurity and Cloud Automation Engineer

Leidos, Inc.
Reston, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 195K

Job location

Remote
Reston, United States of America

Tech stack

Amazon Web Services (AWS)
Application Configuration Access Protocols
Audit Trail
Azure
Cloud Computing
Cloud Computing Security
Cloud Database
Encodings
Computer Security
Middleware
Identity and Access Management
Network Segmentation
Oracle Applications
Cloud Services
Ansible
Zero Trust Network Access
Security Software
Security Information and Event Management
Software Deployment
Data Logging
Cloud Platform System
Cloudformation
SC Clearance
CIS Benchmarks
Cloudwatch
Puppet
Terraform
Software Version Control
Devsecops
Static Application Security Testing
Vulnerability Analysis
Dynamic Application Security Testing

Job description

Leidoswas awardedthe U.S. Air Force Cloud One Architecture and Common Shared Services contractand currently has an opening for a Cybersecurity and Cloud Automation Engineer tosupportAWS, Azure, Google, and Oracle clouds. This is an exciting opportunity to use your experiencetomodernize a leading, global-scalemulti-cloud environmentin support of a critical mission, supporting USAF system resiliency, security, and cost effectiveness., * Dual-role engineer focused on securing and automating AWS environments using IaC, CaC, and Security-as-Code.

  • Works within DevSecOps teams to design secure cloud solutions and build automated provisioning, configuration, and monitoring pipelines.

Core Responsibilities:

  • Implement and maintain security controls for AWS services, aligned with NIST, FISMA, and DISA STIG requirements.
  • Configure secure logging, monitoring, and telemetry (e.g., CloudTrail, CloudWatch, SIEM integrations) for cloud workloads.
  • Perform vulnerability scanning, assessment, and coordination of remediation across cloud hosts, containers, and services.
  • Contribute to security architecture reviews and change/configuration boards to ensure secure designs and deployments.

IaC/CaC & Automation:

  • Develop, maintain, and version-control IaC modules (e.g., Terraform, CloudFormation) for AWS networking, compute, storage, IAM, and security resources.
  • Use CaC tools (e.g., Ansible, Puppet) to automate OS, middleware, and application configuration and hardening.
  • Build and support CI/CD pipelines that integrate IaC/CaC and security checks for automated build, test, and deployment.
  • Create and maintain hardened, STIG/CIS-aligned golden images and reusable templates for repeatable secure deployments.

Security-as-Code & Compliance:

  • Encode security baselines, IAM policies, network segmentation, and encryption standards into IaC/CaC and pipeline code (Security-as-Code).
  • Integrate automated security and compliance testing (SAST/DAST, dependency scanning, policy-as-code) into pipelines to enforce controls before release.
  • Support continuous monitoring and ATO/continuous authorization by maintaining evidence, automated checks, and documentation for audits.

Operations & Zero Trust:

  • Support day-to-day operation of multi-environment AWS landscapes (dev/test/stage/prod/DR), including monitoring health and performance.
  • Troubleshoot issues across networking, access, and application deployment; contribute to incident and problem management and root cause analysis.
  • Implement and maintain identity- and context-aware access controls, MFA, and policy-based access in line with Zero Trust strategies.

Collaboration & Documentation:

  • Collaborate with developers, cloud engineers, security analysts, and operations staff to design secure, automated solutions.
  • Contribute to technical documentation, including architecture diagrams, IaC/CaC module references, SOPs, and runbooks.
  • Share best practices in secure cloud engineering and automation with teammates; provide informal knowledge transfer and peer support (no direct reports).

Requirements

  • Bachelor's degree in a technical field with 8 years of applicable experience, additional years of experience in cloud and cybersecurity engineering will be accepted in lieu of a degree.
  • Hands-on experience with AWS cloud services and DevSecOps practices in production environments.
  • Practical experience with IaC/CaC tools (e.g., Terraform/CloudFormation and Ansible/Puppet) and CI/CD pipelines.
  • Experience applying NIST, FISMA, and STIG/CIS controls in cloud environments and supporting ATO/accreditation activities.
  • Strong written and verbal communication skills and ability to work effectively in cross-functional teams., * AWS certifications (e.g., Solutions Architect, Security Specialty) or security certifications such as CISSP, CISM, or CAP.
  • Familiarity with Zero Trust architectures, SASE/ZTNA solutions, and ICAM integrations.
  • US DoW Secret clearance.
  • Access to SIPR Facility.

Benefits & conditions

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

About the company

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Apply for this position