Leidos Inc
Overview
The National Security Sector within Leidos is seeking a highly skilled
DevSecOps Operations Lead
with expertise in AWS serverless environments to oversee the secure, reliable, and scalable operation of cloud-native applications on the
Catena program . This role requires strong leadership in integrating security practices across the development lifecycle, deep technical knowledge of AWS services (especially Lambda), and proven experience managing DevSecOps processes in highly regulated environments. The DevSecOps Operations Lead will define and implement security, automation, monitoring, and compliance strategies, while guiding cross-functional teams to adopt best practices for cloud-native development and operations. Primary Responsibilities
Lead the design and implementation of DevSecOps strategy for AWS Lambda and serverless-based applications. Oversee CI/CD pipelines and integrate automated security testing (SAST, DAST, dependency, and secrets scanning). Drive infrastructure as code (IaC) standards and ensure secure deployments using CloudFormation, CDK, or Terraform. Manage security posture by enforcing IAM least privilege, secrets management, and continuous compliance monitoring. Establish logging, monitoring, and observability strategies using CloudWatch, X-Ray, and centralized log analysis tools. Lead incident response and root cause analysis for operational or security issues. Collaborate with developers, architects, and security engineers to ensure shift-left security practices. Define and implement governance controls for AWS accounts, including tagging, cost management, and security policies. Mentor and guide DevOps and security engineers in modern serverless DevSecOps practices. Basic Qualifications
Bachelor's degree in Computer Science, Engineering, or related field with 8+ years of experience or a Master’s degree with 6+ years of experience. Additional experience may be considered in lieu of a degree. US Citizenship; Ability to obtain a DoD Secret security clearance. 5+ years of experience in DevOps, Security Engineering, or Cloud Operations roles. 2+ years of leadership or team lead experience in DevSecOps or Cloud Security. Strong expertise in AWS services, including Lambda, API Gateway, IAM, S3, DynamoDB, Step Functions, VPC, KMS. Hands-on experience with CI/CD tools such as AWS CodePipeline, GitHub Actions, GitLab CI, or Jenkins. Proficiency in scripting/automation (Python, Bash, or PowerShell). Knowledge of IaC and IaC security tools (CloudFormation, Terraform, CDK, Checkov, tfsec, cfn-nag). Experience implementing logging/monitoring/alerting systems with CloudWatch, X-Ray, or ELK stack. Strong understanding of identity and access management, least privilege, and secrets management. Experience with deployment techniques to limit down-time (Blue/Green, Rolling, Canary). Experience with Agile processes and frameworks to manage operational items and maintenance tasks such as security updates, patching, certificate/password rotations, etc. Preferred Qualifications
Experience with multi-account AWS environments and governance using AWS Organizations, Control Tower, or SCPs. Knowledge of compliance frameworks (FedRAMP, NIST, SOC 2, CIS benchmarks) and experience with compliance automation. Familiarity with Zero Trust architecture for cloud-native applications. Background in chaos engineering or resilience testing for serverless workloads. Security certifications (AWS Certified Security Specialty, CISSP, CISM, or similar). AWS Professional-level certifications (Solutions Architect, DevOps Engineer). We are a remote-friendly employer. For U.S. positions: subject to change based on business needs, this job requisition will remain open for a period determined by the posting date.
#J-18808-Ljbffr
The National Security Sector within Leidos is seeking a highly skilled
DevSecOps Operations Lead
with expertise in AWS serverless environments to oversee the secure, reliable, and scalable operation of cloud-native applications on the
Catena program . This role requires strong leadership in integrating security practices across the development lifecycle, deep technical knowledge of AWS services (especially Lambda), and proven experience managing DevSecOps processes in highly regulated environments. The DevSecOps Operations Lead will define and implement security, automation, monitoring, and compliance strategies, while guiding cross-functional teams to adopt best practices for cloud-native development and operations. Primary Responsibilities
Lead the design and implementation of DevSecOps strategy for AWS Lambda and serverless-based applications. Oversee CI/CD pipelines and integrate automated security testing (SAST, DAST, dependency, and secrets scanning). Drive infrastructure as code (IaC) standards and ensure secure deployments using CloudFormation, CDK, or Terraform. Manage security posture by enforcing IAM least privilege, secrets management, and continuous compliance monitoring. Establish logging, monitoring, and observability strategies using CloudWatch, X-Ray, and centralized log analysis tools. Lead incident response and root cause analysis for operational or security issues. Collaborate with developers, architects, and security engineers to ensure shift-left security practices. Define and implement governance controls for AWS accounts, including tagging, cost management, and security policies. Mentor and guide DevOps and security engineers in modern serverless DevSecOps practices. Basic Qualifications
Bachelor's degree in Computer Science, Engineering, or related field with 8+ years of experience or a Master’s degree with 6+ years of experience. Additional experience may be considered in lieu of a degree. US Citizenship; Ability to obtain a DoD Secret security clearance. 5+ years of experience in DevOps, Security Engineering, or Cloud Operations roles. 2+ years of leadership or team lead experience in DevSecOps or Cloud Security. Strong expertise in AWS services, including Lambda, API Gateway, IAM, S3, DynamoDB, Step Functions, VPC, KMS. Hands-on experience with CI/CD tools such as AWS CodePipeline, GitHub Actions, GitLab CI, or Jenkins. Proficiency in scripting/automation (Python, Bash, or PowerShell). Knowledge of IaC and IaC security tools (CloudFormation, Terraform, CDK, Checkov, tfsec, cfn-nag). Experience implementing logging/monitoring/alerting systems with CloudWatch, X-Ray, or ELK stack. Strong understanding of identity and access management, least privilege, and secrets management. Experience with deployment techniques to limit down-time (Blue/Green, Rolling, Canary). Experience with Agile processes and frameworks to manage operational items and maintenance tasks such as security updates, patching, certificate/password rotations, etc. Preferred Qualifications
Experience with multi-account AWS environments and governance using AWS Organizations, Control Tower, or SCPs. Knowledge of compliance frameworks (FedRAMP, NIST, SOC 2, CIS benchmarks) and experience with compliance automation. Familiarity with Zero Trust architecture for cloud-native applications. Background in chaos engineering or resilience testing for serverless workloads. Security certifications (AWS Certified Security Specialty, CISSP, CISM, or similar). AWS Professional-level certifications (Solutions Architect, DevOps Engineer). We are a remote-friendly employer. For U.S. positions: subject to change based on business needs, this job requisition will remain open for a period determined by the posting date.
#J-18808-Ljbffr