Security-Jobs in Deutschland

Own your opportunity to serve as a critical component of our nation’s safety and security. Make an impact by designing, implementing, and enforcing secure cloud architectures that protect mission systems and enterprise infrastructure.

At GDIT, people are our differentiator. As a Cloud Security Engineer, you will help ensure today is safe and tomorrow is smarter.

GDIT is seeking a technically strong and mission-focused Cloud Security Engineer to support USAREUR-AF. This role is responsible for implementing and enforcing a robust security posture across hybrid cloud and on‑premise environments. The ideal candidate is a hands‑on engineer with deep Linux expertise, strong cloud identity management experience, and a working knowledge of DoW security compliance frameworks.

The Cloud Security Engineer will design, implement, and sustain security controls across cloud infrastructure, Kubernetes platforms, virtualized environments, and supporting systems. This role focuses on secure architecture implementation, identity and access management, vulnerability remediation, STIG enforcement, and continuous monitoring.

• Design and implement secure cloud architectures across hybrid environments (public cloud and private infrastructure).
• Engineer and enforce identity and access management (IAM) solutions, including role‑based access controls, least privilege enforcement, and federation models.
• Configure and maintain cloud‑native monitoring and logging solutions (e.g., CloudWatch or equivalent), ensuring visibility into security events and system health.
• Support and remediate vulnerability findings identified through ACAS and related scanning tools.
• Implement and validate STIG compliance across Linux and Windows systems, virtual machines, and Kubernetes clusters.
• Harden Linux‑based cloud and container hosts (primary focus) and Windows systems (secondary focus) in accordance with DoW security standards.
• Secure Kubernetes clusters, container runtimes, and supporting infrastructure through proper network segmentation, RBAC configuration, and workload isolation.
• Implement zero‑trust principles across cloud networking and service‑to‑service communication.
• Develop and maintain Infrastructure as Code (IaC) security baselines to ensure consistent and repeatable secure deployments.
• Support security incident response activities within cloud environments, including log analysis and containment efforts.
• Map implemented technical controls to DoW compliance frameworks including NIST 800‑53, STIGs, and CMMC requirements.
• Collaborate with platform engineers, system administrators, and cybersecurity teams to ensure secure system design and continuous compliance.

Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, or a related technical field (or equivalent practical experience).

3–5 years of experience securing cloud or hybrid infrastructure environments.

• Experience implementing secure configurations in GCP, AWS, Azure, or comparable cloud platforms.
• Strong understanding of cloud identity services, IAM policy design, multi‑account security strategy, and role‑based access control.
• Experience configuring logging, monitoring, and alerting services for cloud security visibility.

• Experience working with ACAS and vulnerability scanning tools.
• Hands‑on experience applying and validating STIGs across Linux and Windows systems.
• Understanding of NIST, STIG, and CMMC compliance requirements in DoW environments.
• Experience supporting vulnerability remediation and security control validation.

• Strong Linux administration background (approximately 70% of environment), including system hardening, auditing, patching, and secure configuration.
• Working knowledge of Windows Server administration and security configuration (approximately 30% of environment).
• Experience securing virtual machines in VMware or similar virtualization platforms.

• Experience securing Kubernetes clusters, including RBAC, network policies, secrets management, and pod security standards.
• Familiarity with container hardening and image security best practices.
• Understanding of secure service mesh or encrypted service communication models.

• Strong understanding of TCP/IP networking, firewalls, VLANs, VPNs, routing, and segmentation.
• Experience implementing least privilege network access and micro‑segmentation within cloud environments.

• Proficiency in Bash and Python for security automation and remediation scripting.
• Experience using Infrastructure as Code tools (Terraform, Ansible, or similar) to enforce security baselines.
• Familiarity with CI/CD security integration and DevSecOps principles.

• Experience supporting Army or DoW enterprise environments.
• Experience contributing to ATO packages or security control documentation.
• Cloud security certifications (e.g., AWS Security Specialty, Azure Security Engineer) preferred.
• Security+ or equivalent DoW 8570 IAT Level II certification required, higher level (CASP/CISSP/CISA) preferred.

This role is ideal for a Cloud Security Engineer who is a technical implementer first and policy‑aware second. The successful candidate will actively engineer and enforce security controls across cloud and hybrid environments, ensuring infrastructure is hardened, compliant, and resilient against threats. This position balances deep hands‑on platform engineering (approximately 66%) with security governance alignment and policy enforcement responsibilities (approximately 33%).

• Growth: AI‑powered career tool that identifies career steps and learning opportunities
• Support: An internal mobility team focused on helping you achieve your career goals
• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
• Community: Award‑winning culture of innovation and a military‑friendly workplace

Explore an enterprise IT career at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your desire to drive operations forward.

The likely salary range for this position is $124,093 - $138,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Total compensation for international positions varies by tax, social security, and immigration statuses, as well as location. Generally, an international assignment may include allowances, premium uplifts, and/or relocation or transportation benefits, above base salary range noted. View information about benefits and our total rewards program.

We are GDIT. A global technology and professional services company that delivers technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across over 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, cloud, cyber and application development. Together with our customers, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans