GCP Cyber Engineer (USAF Cloud One)
About the position Leidos was awarded the U.S. Air Force Cloud One Architecture and Common Shared Services contract and currently has an opening for an GCP Cyber Engineer supporting AWS, Azure, Google, and Oracle clouds. This is an exciting opportunity to use your experience to modernize a leading, global-scale multi-cloud environment in support of a critical mission, supporting USAF system resiliency, security, and cost effectiveness. Location: This position will be hybrid remote and may require travel to support customer or corporate meetings near Hanscom AFB (Boston, MA), Huntsville, AL or Reston, VA.
Responsibilities
- Design, deploy, configure, operate, and maintain authorizations and accreditation of the C1 Architecture for Amazon Web Services, Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud Infrastructure in NIPRNet and SIPRNet.
- Serve as Subject Matter Expert (SME) for all IT stakeholders involved with system design, system builds, and Authority to Operate (ATO) efforts on cybersecurity requirements and tooling.
- Support the cybersecurity authorizations team developing artifacts required to achieve milestones such as Interim Authority Test (IATT) and Authorization to Operate (ATO).
- Experience engineering solutions to support migration of security controls from NIST 800-53 Rev 4 to 800-53 Rev 5.
- Ensure compliance with SCCA, Cloud SRG, and other STIG/SRG requirements.
- Support Continuous Authorization to Operate (cATO) within a DevSecOps or cloud-based environment, including implementation of automated control validation, continuous monitoring integration, and real-time POA&M management.
- Create RMF-required authorization-related documentation and artifacts and support ATO sustainment activities for C1 and DPaaS environments.
- Conduct routine Insider Threat Assessment and document results in the Contractor’s System Security Plan
- Continuously monitor system resources through automated scanning and implement automated reporting feeds to support cybersecurity authorizations.
- Verify patch compliance using the approved technical solutions and conduct remediation activities.
- Provide and execute a plan for enterprise vulnerability and compliance scanning.
- Implementation of security procedures, and verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code and other components.
- Participate in regular briefings with the customer on cybersecurity status, including preparing briefing materials
- Work closely with government Cyber & technical teams to support ATO conditions and requirements.
- Prepare detailed technical documentation to support development and operational processes
- Collaborate with team members and provide mentorship to junior staff, fostering a learning environment
Requirements
- Bachelors and 4+ years of prior relevant experience or Masters with 2+ years of prior relevant experience or equivalent experience.
- 4+ years of experience with cloud hosted systems and GCP Cloud Native Services.
- Interim Secret clearance required to start; Ability to obtain Secret clearance required to maintain employment
- US citizenship required
- Certifications: CompTIA Security+ or equivalent (IAT-2)
Nice-to-haves
- Experience with USAF Cloud One or Platform 1
- Experience with automation/tools like EvalSTIG, STIG Manager, Ansible etc.
- Experience with Zero Trust Architecture
- Cloud certifications in AWS, Azure, Google, or Oracle clouds
- Certifications: CISSP or equivalent (IAT-3)
- C1NACSS