Cloud Engineer

The NASA Advanced Enterprise Global Information Technology Solutions at Leidos currently has an opening for an Information System Security Engineer to work remotely. We are seeking a motivated and enthusiastic Information System Security Engineer (ISSE) to join our cloud services team. The ISSE will be responsible for the secure design, development, and implementation of cloud-based systems, ensuring compliance with relevant security standards and frameworks such as NIST, FedRAMP, RMF, and ISO 27001. The ideal candidate will work closely with cloud architects, developers, and system administrators to embed security throughout the system lifecycle.

This is an exciting opportunity to use your experience helping the AEGIS mission. In this mission you will work to review system controls, maintain system security packages, and assist with ensuring our environment remains secure and meets our organization's operational requirements.

• Implement and maintain compliance with the NIST Risk Management Framework (RMF) and FISMA High requirements for all cloud systems.
• Ensure that all cloud systems align with NASA NPR 2810, NIST SP 800-53, and other applicable federal cybersecurity policies and directives.
• Support the Authorization to Operate (ATO) process, maintaining continuous compliance and ensuring timely updates to security documentation.
• Oversee and enforce adherence to the shared responsibility model between the agency, cloud service providers, and system owners.
• Develop, maintain, and update system Security Authorization Packages, including the System Security Plan (SSP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and Continuous Monitoring (ConMon) documentation.
• Conduct Security Impact Analyses (SIA) for configuration changes, new deployments, or integrations within the cloud environment.
• Identify, assess, and document system vulnerabilities and risks, recommending mitigation strategies to maintain a compliant security posture.
• Prepare systems for internal and external audits, ensuring documentation and evidence are audit-ready.
• Coordinate with assessors and Authorizing Officials (AOs) during security control assessments (SCA) and ATO renewals.
• Track findings and corrective actions to closure, maintaining transparency through regular status reporting.

• Bachelor's degree in Computer Science, Information Assurance, Cybersecurity, Engineering, or related technical field; Master's degree preferred.
• 8+ years of progressive experience in information system security, with at least 3 years focused on securing cloud-based systems and services.
• Demonstrated experience working in a federal or FISMA Moderate/High environment, including implementing NIST RMF and FedRAMP controls.
• Must be able to obtain Public Trust (U.S Citizenship Required).

• Must hold at least one DoD 8570.01-M IAT Level III or IAM Level III certification (e.g., CISSP, CISM, CASP+, or equivalent).
• Cloud security certifications such as CCSP, AWS Certified Security - Specialty, Microsoft Certified: Cybersecurity Architect Expert, or Google Professional Cloud Security Engineer are highly desirable.
• FedRAMP or NIST RMF practitioner certifications or training preferred.

Come break things (in a good way). Then build them smarter.

We're the tech company everyone calls when things get weird. We don't wear capes (they're a safety hazard), but we do solve high-stakes problems with code, caffeine, and a healthy disregard for "how it's always been done."

Pay Range: $104,650.00 - $189,175.00

#Remote