Senior Pipeline Security Engineer

Sterling, Virginia

Leidos
Description

Are you ready to make a difference?

Join Leidos, where we deliver innovative and impactful solutions through our diverse and talented workforce dedicated to ensuring our customers' success. We empower our teams, contribute to our communities, and strive for sustainability. Our commitment emphasizes doing the right thing for our customers, our employees, and our community.

Your future starts here.

The Multi-domain Solutions Division (MDS) at Leidos is seeking a seasoned Senior Pipeline Security Engineer to be an integral part of a groundbreaking cyber security program, with a focus on supporting critical government systems. You'll play a vital role in a program dedicated to the development, integration, and operations of managed IT security services aimed at enhancing cybersecurity awareness and resilience across the enterprise. This position is reflective of an anticipated future contract award.

Key Responsibilities:
  • Design, develop, and sustain secure continuous integration and delivery (CI/CD) pipelines that uphold the integrity of software applications and infrastructures.
  • Leverage strong expertise in DevSecOps and cloud-native technologies to incorporate security best practices into the software development lifecycle (SDLC).
  • Automate security controls, pinpoint vulnerabilities, and enforce secure coding practices throughout every stage of the pipeline.
  • Write and maintain source code while creating software applications and frameworks associated with software releases.
  • Engage in computer programming, documentation, configuration management, testing, and bug fixing relevant to software release life cycles.
  • Achieve key project and program objectives and deliverables while managing substantial projects with a moderate impact on results.
  • Develop and maintain secure CI/CD pipelines with integrated security checkpoints for early identification of vulnerabilities.
  • Automate security testing and compliance checks at each phase of the pipeline, ensuring enforcement of security gates and policies without sacrificing development speed.
  • Incorporate security best practices into CI/CD frameworks, infrastructure as code (IaC), and containerization workflows.
  • Collaborate with development and operations teams to foster a culture of security awareness and proactive risk management.
  • Conduct security assessments and audits to verify compliance with industry standards such as ISO, NIST, and SOC2.
  • Define and implement security policies to mitigate risks and protect data within production environments.
  • Secure cloud environments (AWS, Azure, GCP) through the application of infrastructure-as-code security best practices.
  • Establish monitoring, alerting, and logging solutions to detect and respond to security threats.
  • Work alongside Security Operations teams to ensure effective incident response and forensic analysis processes.
  • Work collaboratively with fellow engineers to boost security culture and promote secure coding practices.
  • Guide and mentor junior engineers on secure pipeline methodologies and develop documentation of security best practices for CI/CD processes.
What You Bring to Leidos:
  • Must possess an active Top Secret/SCI (TS/SCI) with Polygraph security clearance. U.S. Citizenship is required.
  • A Bachelor's degree and 8 to 12 years of relevant experience, or a Master's degree with 6 to 10 years of relevant experience. Equivalent experience may substitute for education.
  • Comprehensive understanding of DoD IT security protocols and requirements.
  • Proficiency in CI/CD tools such as Jenkins, GitHub Actions, or Azure DevOps.
  • Strong knowledge of security tools and frameworks.
  • Hands-on experience with IaC tools like Terraform and Ansible.
  • Solid grasp of cloud security best practices across AWS, Azure, or GCP.
  • Skilled in scripting languages (e.g., Python, Bash) for automation.
  • Experience with container technologies such as Docker and orchestration with Kubernetes.
  • Strong analytical skills with a passion for cybersecurity.
Favorable Qualifications:
  • Certifications such as AWS Certified Security or Certified Kubernetes Security Specialist (CKS) are advantageous.
  • Experience with secret management tools (e.g., HashiCorp Vault).
  • Familiarity with compliance standards like PCI-DSS and GDPR is a plus.
  • Hands-on experience with security event monitoring and SIEM solutions.
Original Posting Date: March 30, 2025

Pay Range: $104,650.00 - $189,175.00

This pay range serves as a guideline and does not guarantee salary. Factors such as the job's responsibilities, education, experience, and skills will influence the offer. Internal equity and market data may also be considered.

Date Posted: 02 April 2025