Description
Cloud computing continues to allow us to modernize and consolidate IT infrastructure, automate workloads, and pursue next-generation innovation. We are seeking a Security Engineer to serve as a technical leader for our critical cloud modernization initiatives. This high-impact role is focused on securing Azure cloud environments and embedding security into every phase of the System Development Life Cycle (SDLC).
As the Senior Security Engineer, you will define the security posture, lead implementation, and oversee the governance of cloud security solutions for our IHS customer. This role is pivotal in ensuring the confidentiality, integrity, and availability of cloud-hosted assets while enabling secure innovation at scale. You will partner closely with Cloud Engineers and program leadership to drive continuous improvement and deliver maximum value to the mission.
KEY RESPONSIBILITIES:
Architecture and Engineering
- Cloud Security Architecture: Design, architect, and implement secure, scalable cloud infrastructure across an Azure platform, ensuring alignment with Zero Trust principles and defense-in-depth strategies.
- Identity, Credential, and Access Management (ICAM): Architect, implement, and maintain secure ICAM solutions, including federated identity, Role-Based Access Control (RBAC), and robust encryption/key management systems (KMS) as required.
- DevSecOps Integration: Lead the integration of security tools and practices into CI/CD pipelines (DevSecOps workflows) to enable automated security testing, vulnerability scanning, and compliance validation.
- Automation: Define, enforce, and automate cloud security policies, standards, and control frameworks using Infrastructure as Code (IaC) and native cloud services.
Governance and Compliance Leadership
- Compliance Strategy: Develop and lead strategic approaches for achieving and maintaining compliance with critical federal frameworks, including FedRAMP and NIST SP 800-53.
- Authorization Liaison: Serve as the primary security liaison, implementing necessary controls and coordinating closely with authorizing officials (AOs) at Health and Human Services (HHS) and other federal agencies throughout the Authority to Operate (ATO) process.
- System Documentation: Lead efforts to develop, maintain, and oversee all system security documentation, including System Security Plans (SSPs), standard operating procedures, security control baselines, implementation details, and other compliance workbooks/whitepapers.
- Cybersecurity Governance: Represent Cybersecurity on contractor and government Change Control Boards (CCBs) to ensure all system changes are assessed for security impact and compliance prior to deployment.
- Audit Support: Lead security control assessments, support audits of the system, and drive the development and closure of Plan of Action & Milestones (POA&M) findings.
Operations, Risk, and Strategy
- Threat & Risk Management: Lead comprehensive threat modeling and vulnerability management efforts. Conduct thorough Security Impact Analyses (SIAs) and risk assessments for new services, functionality, and proposed architectural changes, ensuring all risks are documented and mitigated.
- Continuous Monitoring: Design and implement continuous monitoring solutions using Cloud Security Posture Management, Cloud Workload Protection Platform, and other advanced security tools.
- Stakeholder Alignment: Collaborate across engineering, compliance, and operations teams. Serve as a technical authority to internal and external customers, defending security posture changes related to Configuration Management (CM) and the overall security baseline.
- Proactive Strategy: Stay ahead of emerging cloud threats, evolving attack vectors, and industry best practices, proactively recommending mitigation and strategic security improvements.
REQUIRED EDUCATION AND EXPERIENCE:
- Education: Bachelor’s Degree in Computer Science, Engineering, Information Technology, or a related field. Additional years of experience may be considered in lieu of a degree.
- Experience: 8-12 years of professional experience in IT, with a minimum of 6+ years focused on Information Security Engineering, with at least 2 years focused on cloud security architecture.
- Clearance: Ability to obtain and maintain a Public Trust or higher security clearance (if required for the mission/client).
- Certifications: Active, advanced security certification required, such as CCSP (Certified Cloud Security Professional) and Azure Security Engineer Associate (AZ-500).
REQUIRED CORE TECHNICAL SKILLS: AZURE FOCUS
- Azure Security Expertise: Deep, verifiable expertise in securing Azure services, cloud architectures, and the shared responsibility model. Expert-level understanding of how to implement NIST SP 800-53 (Rev 5) security controls within an Azure Government environment.
- Identity, Credential, and Access Management (ICAM): Extensive experience with Azure Active Directory (Azure AD/Entra ID), conditional access policies, and hybrid identity solutions.
- Automation: Hands-on experience implementing security controls using Infrastructure as Code (IaC) tools such as Terraform or Bicep.
- Containers: Strong hands-on experience securing containerization and orchestration platforms (Docker, Kubernetes, AKS, EKS).
- Scripting and Automation: Strong proficiency in PowerShell/Bash and/or Python.
REQUIRED PROFESSIONAL SKILLS
- Communication: Excellent written and verbal communication skills. Ability to communicate effectively within cross-functional teams and with external stakeholders.
- Analysis & Troubleshooting: Strong analytical and troubleshooting skills to rapidly diagnose and resolve complex security issues.
DESIRED QUALIFICATIONS:
- Certifications: Active CISSP certification is highly desirable.
- Zero Trust: Expertise in Zero Trust principles and architecting security solutions in the Azure cloud environment.
- Federal Compliance: Direct experience implementing federal compliance frameworks such as FedRAMP, NIST 800-53 (Rev 5), and Cybersecurity Maturity Model Certification (CMMC).
- Verifiable experience maintaining FedRAMP authorization boundaries, including authoring System Security Plans (SSPs) and providing guidance on the shared responsibility model for security and compliance to customers and partners.
- Federal Experience: Prior experience with federal agency cloud modernization efforts.
Come break things (in a good way). Then build them smarter.
We're the tech company everyone calls when things get weird. We don’t wear capes (they’re a safety hazard), but we do solve high-stakes problems with code, caffeine, and a healthy disregard for “how it’s always been done.”
Original Posting:
December 19, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
$107,900.00 - $195,050.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.