Leidos
Overview
The Leidos Digital Modernization Sector is seeking a highly skilled Azure Cloud Engineer with deep expertise in networking and infrastructure automation. This is a 100% remote hands‑on engineering role. The ideal candidate is self‑sufficient, execution‑focused, and capable of collaborating across teams to deliver secure, scalable, and performant cloud infrastructure solutions.
Primary Responsibilities
Design, implement, and maintain Azure infrastructure (compute, storage, networking, identity, and governance) using Infrastructure as Code (IaC).
Architect and configure virtual networks (VNets), network security groups (NSGs), ExpressRoute, VPN gateways, private endpoints, and load balancers in Azure.
Integrate and optimize hybrid cloud connectivity (on‑prem to Azure), ensuring performance, redundancy, and security compliance.
Implement and manage Azure Firewall, Application Gateway, and Azure Front Door configurations for secure and resilient application delivery.
Automate provisioning and configuration using Terraform, Bicep, or ARM templates with CI/CD integration (GitHub Actions, Azure DevOps, or GitLab).
Collaborate with application and security teams to enforce zero trust and network segmentation principles.
Troubleshoot and optimize DNS, routing, latency, and firewall rules across hybrid environments.
Support monitoring, alerting, and performance optimization via Azure Monitor, Log Analytics, and Network Watcher.
Maintain compliance with DoD/NIST, FedRAMP, or enterprise security frameworks (if applicable).
Basic Qualifications
BS degree and 8+ years of prior relevant experience or Masters with 6+ years of prior relevant experience, additional years of experience may be accepted in lieu of a degree.
Minimum 10 years of experience in Azure Cloud Engineering or Cloud Infrastructure roles.
Possession of at least one of the following certifications:
Azure Network Engineer Associate (AZ-700)
Azure Solutions Architect Expert (AZ-305)
Azure Administrator Associate (AZ-104)
US Citizen and current active DoD Secret clearance.
Strong expertise in Azure networking — including ExpressRoute, Virtual WAN, Peering, Load Balancers, Application Gateway, Azure Firewall, and Private Link.
Proficiency with Terraform, Bicep, or ARM templates.
Deep understanding of networking protocols (TCP/IP, DNS, DHCP, VPN, routing, subnetting, BGP).
Hands‑on experience with CI/CD pipelines for infrastructure deployments.
Familiarity with security and identity in Azure (Azure AD, RBAC, Managed Identities).
Experience with SASE, ZScaler, Palo Alto Prisma, or Cloudflare network integrations.
Familiarity with Kubernetes networking (CNI, service mesh) or container‑based deployments.
Understanding of security frameworks (NIST, CIS Benchmarks, Zero Trust).
Excellent troubleshooting and problem‑solving skills in complex, hybrid environments.
Strong documentation and collaboration habits.
Preferred Skills and Certifications
Additional industry certifications such as VMware VCP or Kubernetes CKA.
Experience with security frameworks (e.g., RMF, NIST 800-53).
Knowledge of scripting or programming languages, such as Python, PowerShell, or Bash.
Familiarity with log management and monitoring tools (e.g., Splunk, Datadog, or ELK stack).
Pay Range Pay Range $104,650.00 - $189,175.00
Remote #Remote
#J-18808-Ljbffr
Primary Responsibilities
Design, implement, and maintain Azure infrastructure (compute, storage, networking, identity, and governance) using Infrastructure as Code (IaC).
Architect and configure virtual networks (VNets), network security groups (NSGs), ExpressRoute, VPN gateways, private endpoints, and load balancers in Azure.
Integrate and optimize hybrid cloud connectivity (on‑prem to Azure), ensuring performance, redundancy, and security compliance.
Implement and manage Azure Firewall, Application Gateway, and Azure Front Door configurations for secure and resilient application delivery.
Automate provisioning and configuration using Terraform, Bicep, or ARM templates with CI/CD integration (GitHub Actions, Azure DevOps, or GitLab).
Collaborate with application and security teams to enforce zero trust and network segmentation principles.
Troubleshoot and optimize DNS, routing, latency, and firewall rules across hybrid environments.
Support monitoring, alerting, and performance optimization via Azure Monitor, Log Analytics, and Network Watcher.
Maintain compliance with DoD/NIST, FedRAMP, or enterprise security frameworks (if applicable).
Basic Qualifications
BS degree and 8+ years of prior relevant experience or Masters with 6+ years of prior relevant experience, additional years of experience may be accepted in lieu of a degree.
Minimum 10 years of experience in Azure Cloud Engineering or Cloud Infrastructure roles.
Possession of at least one of the following certifications:
Azure Network Engineer Associate (AZ-700)
Azure Solutions Architect Expert (AZ-305)
Azure Administrator Associate (AZ-104)
US Citizen and current active DoD Secret clearance.
Strong expertise in Azure networking — including ExpressRoute, Virtual WAN, Peering, Load Balancers, Application Gateway, Azure Firewall, and Private Link.
Proficiency with Terraform, Bicep, or ARM templates.
Deep understanding of networking protocols (TCP/IP, DNS, DHCP, VPN, routing, subnetting, BGP).
Hands‑on experience with CI/CD pipelines for infrastructure deployments.
Familiarity with security and identity in Azure (Azure AD, RBAC, Managed Identities).
Experience with SASE, ZScaler, Palo Alto Prisma, or Cloudflare network integrations.
Familiarity with Kubernetes networking (CNI, service mesh) or container‑based deployments.
Understanding of security frameworks (NIST, CIS Benchmarks, Zero Trust).
Excellent troubleshooting and problem‑solving skills in complex, hybrid environments.
Strong documentation and collaboration habits.
Preferred Skills and Certifications
Additional industry certifications such as VMware VCP or Kubernetes CKA.
Experience with security frameworks (e.g., RMF, NIST 800-53).
Knowledge of scripting or programming languages, such as Python, PowerShell, or Bash.
Familiarity with log management and monitoring tools (e.g., Splunk, Datadog, or ELK stack).
Pay Range Pay Range $104,650.00 - $189,175.00
Remote #Remote
#J-18808-Ljbffr