Note: The job is a remote job and is open to candidates in USA. Leidos is a leading company in the defense and aerospace sector, currently seeking a Cybersecurity and Cloud Automation Engineer. This role focuses on securing and automating AWS environments, working within DevSecOps teams to design and implement secure cloud solutions.
Responsibilities
- Implement and maintain security controls for AWS services, aligned with NIST, FISMA, and DISA STIG requirements
- Configure secure logging, monitoring, and telemetry (e.g., CloudTrail, CloudWatch, SIEM integrations) for cloud workloads
- Perform vulnerability scanning, assessment, and coordination of remediation across cloud hosts, containers, and services
- Contribute to security architecture reviews and change/configuration boards to ensure secure designs and deployments
- Develop, maintain, and version-control IaC modules (e.g., Terraform, CloudFormation) for AWS networking, compute, storage, IAM, and security resources
- Use CaC tools (e.g., Ansible, Puppet) to automate OS, middleware, and application configuration and hardening
- Build and support CI/CD pipelines that integrate IaC/CaC and security checks for automated build, test, and deployment
- Create and maintain hardened, STIG/CIS-aligned golden images and reusable templates for repeatable secure deployments
- Encode security baselines, IAM policies, network segmentation, and encryption standards into IaC/CaC and pipeline code (Security-as-Code)
- Integrate automated security and compliance testing (SAST/DAST, dependency scanning, policy-as-code) into pipelines to enforce controls before release
- Support continuous monitoring and ATO/continuous authorization by maintaining evidence, automated checks, and documentation for audits
- Support day-to-day operation of multi-environment AWS landscapes (dev/test/stage/prod/DR), including monitoring health and performance
- Troubleshoot issues across networking, access, and application deployment; contribute to incident and problem management and root cause analysis
- Implement and maintain identity- and context-aware access controls, MFA, and policy-based access in line with Zero Trust strategies
- Collaborate with developers, cloud engineers, security analysts, and operations staff to design secure, automated solutions
- Contribute to technical documentation, including architecture diagrams, IaC/CaC module references, SOPs, and runbooks
- Share best practices in secure cloud engineering and automation with teammates; provide informal knowledge transfer and peer support (no direct reports)
Skills
- Bachelor's degree in a technical field with 8 years of applicable experience, additional years of experience in cloud and cybersecurity engineering will be accepted in lieu of a degree
- Hands-on experience with AWS cloud services and DevSecOps practices in production environments
- Practical experience with IaC/CaC tools (e.g., Terraform/CloudFormation and Ansible/Puppet) and CI/CD pipelines
- Experience applying NIST, FISMA, and STIG/CIS controls in cloud environments and supporting ATO/accreditation activities
- Strong written and verbal communication skills and ability to work effectively in cross-functional teams
- AWS certifications (e.g., Solutions Architect, Security Specialty) or security certifications such as CISSP, CISM, or CAP
- Familiarity with Zero Trust architectures, SASE/ZTNA solutions, and ICAM integrations
- US DoW Secret clearance
- Access to SIPR Facility
Company Overview