Senior Cloud Cybersecurity Engineer

The Senior Cloud Cybersecurity Engineer role at Leidos places you at the heart of safeguarding the DOMEX Technology Platform's OSINT stack within cloud environments. This onsite position in Bethesda, MD combines RMF accreditation duties with hands-on security controls and DevSecOps integration to ensure resilient, mission-focused operations. The role offers a competitive salary range of USD 131,300 to 237,350 per year and requires a Master’s degree along with extensive experience.

Responsibilities

• Review and provide feedback on cybersecurity, architecture, and engineering artifacts across the system.
• Assess Body-of-Evidence results used to support DoD and IC RMF cybersecurity authorizations, delivering actionable guidance.
• Perform periodic compliance scanning, vulnerability assessments, and risk analyses for cloud-based systems.
• Implement and manage security controls for containerized applications and the underlying cloud infrastructure.
• Collaborate with DevSecOps, infrastructure, and software development teams to embed secure coding and engineering practices.
• Ensure security measures are integrated into software development processes, CI/CD pipelines, and engineering tools.
• Develop, maintain, and execute shell commands, scripts, and automation code for STIG compliance and validation.
• Implement and oversee continuous monitoring solutions for cloud-based architectures.
• Support government cybersecurity officials and program personnel in preparing cybersecurity packages such as Interim Authority to Test, Authority to Operate, and Change Requests.
• Stay current with emerging cloud security threats, technologies, and best practices.

Requirements

• Active Top Secret clearance with SCI eligibility and the ability to obtain a polygraph.
• Education and experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Assurance, Engineering, or related technical field with 12–15 years of relevant experience, or Master’s degree with 10–13 years of relevant experience. Additional years may be substituted for a degree. ISSO experience must include demonstrated technical expertise.
• DoD 8570.01-M IAT or IAM Level II or higher certification (e.g., CCNA Security, CySA+, Security+ CE, CISSP or Associate) and the ability to obtain Privileged User Account/elevated access per policy.
• Hands-on Linux experience and scripting proficiency in Bash, Python, Perl, or similar languages.
• Experience with Commercial Cloud Services (C2S) and cloud-based enterprise services, preferably AWS.
• Background in securing software applications and infrastructure through security controls.
• Experience supporting RMF processes, including authorization and continuous monitoring.
• Familiarity with NIST SP 800-37, SP 800-53 Rev4/Rev5, CNSSI 1253, and applicable DoD Instructions.
• Experience implementing and validating STIG compliance across OS, database, server, and application tiers.
• Experience with RMF/GRC platforms such as Xacta or eMASS.
• Experience performing compliance and vulnerability scans with SIEM, SAST, and DAST tools.
• Understanding of cloud-specific security threats and the resulting required system security posture.
• Knowledge of securing Kubernetes platforms and integrating security into CI/CD pipelines, containers, and orchestration tools.

Technologies

• Bash
• Python
• Perl
• Linux
• AWS
• Commercial Cloud Services (C2S)
• Kubernetes
• Xacta
• eMASS
• SAST
• DAST
• SIEM
• STIG
• RMF

Benefits

• Paid time off
• 11 paid holidays
• 401(k) with 6% company match and immediate vesting
• Flexible schedules
• Discounted stock purchase plans
• Technical upskilling opportunities
• Education and training support
• Parental paid leave