Operations Engineer - Military veterans preferred

Description

The National Security Sector within Leidos is seeking a highly skilled DevSecOps Operations Lead with expertise in AWS serverless environments to oversee the secure, reliable, and scalable operation of cloud-native applications on the Catena program. This role requires strong leadership in integrating security practices across the development lifecycle, deep technical knowledge of AWS services (especially Lambda), and proven experience managing DevSecOps processes in highly regulated environments.

The DevSecOps Operations Lead will define and implement security, automation, monitoring, and compliance strategies, while guiding cross-functional teams to adopt best practices for cloud-native development and operations.

Primary Responsibilities:

• Lead the design and implementation of DevSecOps strategy for AWS Lambda and serverless-based applications.
• Oversee CI/CD pipelines and integrate automated security testing (SAST, DAST, dependency, and secrets scanning).
• Drive infrastructure as code (IaC) standards and ensure secure deployments using CloudFormation, CDK, or Terraform.
• Manage security posture by enforcing IAM least privilege, secrets management, and continuous compliance monitoring.
• Establish logging, monitoring, and observability strategies using CloudWatch, X-Ray, and centralized log analysis tools.
• Lead incident response and root cause analysis for operational or security issues.
• Collaborate with developers, architects, and security engineers to ensure shift-left security practices.
• Define and implement governance controls for AWS accounts, including tagging, cost management, and security policies.
• Mentor and guide DevOps and security engineers in modern serverless DevSecOps practices.

Basic Qualifications:

• Bachelor’s degree in Computer Science, Engineering, or related field with 8+ years of experience or a Master’s degree in Computer Science, Engineering, or related field with 6+ years of experience. Additional experience may be considered in lieu of a degree.
• US Citizenship; Ability to obtain a DoD Secret security clearance.
• 5+ years of experience in DevOps, Security Engineering, or Cloud Operations roles.
• 2+ years of leadership or team lead experience in DevSecOps or Cloud Security.
• Strong expertise in AWS services, including Lambda, API Gateway, IAM, S3, DynamoDB, Step Functions, VPC, KMS.
• Hands-on experience with CI/CD tools such as AWS CodePipeline, GitHub Actions, GitLab CI, or Jenkins.
• Proficiency in scripting/automation (Python, Bash, or PowerShell).
• Knowledge of IaC and IaC security tools (CloudFormation, Terraform, CDK, Checkov, tfsec, cfn-nag).
• Experience implementing logging/monitoring/alerting systems with CloudWatch, X-Ray, or ELK stack.
• Strong understanding of identity and access management, least privilege, and secrets management.
• Experience with deployment techniques to limit down-time (Blue/Green, Rolling, Canary)
• Experience with Agile process and framework to manage operational items and maintenance tasks such as security updates, patching, certificate/password rotations, etc.

Preferred Qualifications:

• Experience with multi-account AWS environments and governance using AWS Organizations, Control Tower, or SCPs.
• Knowledge of compliance frameworks (FedRAMP, NIST, SOC 2, CIS benchmarks) and experience with compliance automation.
• Familiarity with Zero Trust architecture for cloud-native applications.
• Background in chaos engineering or resilience testing for serverless workloads.
• Security certifications (AWS Certified Security Specialty, CISSP, CISM, or similar).
• AWS Professional-level certifications (Solutions Architect, DevOps Engineer).

EIO2024

Come break things (in a good way). Then build them smarter.

We're the tech company everyone calls when things get weird. We don’t wear capes (they’re a safety hazard), but we do solve high-stakes problems with code, caffeine, and a healthy disregard for “how it’s always been done.”

Original Posting:

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.