Join Our Team and Make an Impact. At Leidos, we deliver innovative solutions through the dedication of our diverse and talented teams focused on customer success. We empower our people, contribute to our communities, and operate sustainably, all while adhering to our commitment to do the right thing for our customers, our employees, and our community. The Leidos National Security Sector (NSS) specializes in technology-driven services and mission-critical software capabilities in areas such as cyber operations, logistics, security, and analytics, all aimed at supporting defense and intelligence missions globally.
Your Next Great Opportunity Awaits. We are currently seeking a skilled Lead Pipeline Security Engineer to be a vital part of a new cyber security program. This role contributes to the development, integration, and operation of IT-managed security services, which are essential for monitoring cybersecurity threats and maintaining a secure operational environment for government-critical systems. This position is anticipated to support an emerging contract award, allowing you to be on the front lines of innovation.
Key Responsibilities:
- Design, implement, and manage secure CI/CD pipelines to safeguard mission-critical applications and infrastructure.
- Embed security in every phase of the software development lifecycle (SDLC) using advanced DevSecOps practices, ensuring automation and scalability of security controls.
- Guide cross-functional teams in enforcing security standards and drive continuous improvement of the security posture across the organization.
- Utilize extensive expertise in cloud security and secure infrastructure as code (IaC) practices to enhance security tools in CI/CD workflows.
- Write and maintain source code, contribute to application development, and document management throughout the software release lifecycle.
- Provide substantial technical advice that influences strategic client outputs and enhances Leidos business results.
- Drive innovation by developing new solutions and operational plans to maintain Leidos' competitive edge in the marketplace.
- Act as a technical lead on large-scale projects and mentor junior technical staff.
- Define and lead a comprehensive security strategy for CI/CD pipelines, ensuring alignment with organizational goals and compliance standards.
- Champion a security-first culture by mentoring engineers and promoting security awareness within development and operational teams.
- Serve as a subject matter expert (SME) in DevSecOps, advising leadership on emerging cybersecurity threats and effective mitigation strategies.
- Architect, develop, and optimize CI/CD pipelines with integrated security controls and automated threat detection processes.
- Manage security tools to detect vulnerabilities and enforce compliance within CI/CD workflows.
- Implement security measures, including vulnerability scanning and compliance checks, to pre-emptively address potential threats.
- Develop scripts and automation tools to monitor and respond to real-time security events effectively.
- Collaborate with Governance, Risk, and Compliance (GRC) teams to maintain security policies and audit processes.
- Design secure cloud-native environments across platforms (AWS, Azure, GCP), implementing best practices for infrastructure security.
- Automate cloud security configurations and manage security posture to protect sensitive data.
- Lead efforts in container security and Kubernetes hardening to safeguard against unauthorized access.
- Develop real-time security monitoring strategies to promptly alert and resolve threats.
- Define response procedures for security incidents to ensure swift resolution and recovery.
What You Need:
- Active Top Secret/SCI (TS/SCI) with Polygraph security clearance and U.S. Citizenship.
- Master's degree with 15-20 years of relevant experience or a Doctorate with 13-16 years of equivalent experience (consideration may be given for experience in lieu of degree).
- Thorough understanding of DoD IT security protocols and requirements.
- Proven track record in designing and securing CI/CD pipelines using tools like Jenkins, GitLab CI, GitHub Actions, or Azure DevOps.
- Strong expertise in security frameworks and vulnerability management (NIST, OWASP, CIS, etc.).
- Extensive experience with IaC tools such as Terraform, CloudFormation, and Ansible, prioritizing security best practices.
- Proficiency in scripting languages (Python, Bash, etc.) for automation and security integration.
- Deep knowledge of container security and Kubernetes best practices.
- Solid understanding of cloud security across AWS, Azure, and/or GCP.
- Experience with API security and secure credential management in automated pipelines.
Preferred Qualifications:
- Relevant industry certifications such as AWS Certified Security, Certified Kubernetes Security Specialist (CKS), GIAC Cloud Security Automation (GCSA), CISSP, CEH, or equivalent.
- Experience with Security Information and Event Management (SIEM) tools and threat intelligence platforms.
- Expertise in integrating security within GitOps workflows and managing secure delivery pipelines.
- Familiarity with Security Orchestration, Automation, and Response (SOAR) tools.
Compensation Overview: The salary range for this role is $148,850.00 - $269,075.00. This range is a general guideline and compensation may vary based on responsibilities, experience, education, and market comparison.