Cloud Security Engineer (Cloud & Hybrid Infrastructure)

General Dynamics Information Technology
23h$102,000 - $138,000Onsite

About The Position

Own your opportunity to serve as a critical component of our nation’s safety and security. Make an impact by designing, implementing, and enforcing secure cloud architectures that protect mission systems and enterprise infrastructure. At GDIT, people are our differentiator. As a Cloud Security Engineer, you will help ensure today is safe and tomorrow is smarter. GDIT is seeking a technically strong and mission-focused Cloud Security Engineer to support USAREUR-AF. This role is responsible for implementing and enforcing a robust security posture across hybrid cloud and on-premise environments. The ideal candidate is a hands-on engineer with deep Linux expertise, strong cloud identity management experience, and a working knowledge of DoD security compliance frameworks. HOW A CLOUD SECURITY ENGINEER WILL MAKE AN IMPACT The Cloud Security Engineer will design, implement, and sustain security controls across cloud infrastructure, Kubernetes platforms, virtualized environments, and supporting systems. This role focuses on secure architecture implementation, identity and access management, vulnerability remediation, STIG enforcement, and continuous monitoring. This role is ideal for a Cloud Security Engineer who is a technical implementer first and policy-aware second. The successful candidate will actively engineer and enforce security controls across cloud and hybrid environments, ensuring infrastructure is hardened, compliant, and resilient against threats. This position balances deep hands-on platform engineering (approximately 66%) with security governance alignment and policy enforcement responsibilities (approximately 33%). GDIT IS YOUR PLACE At GDIT, the mission is our purpose, and our people are at the center of everything we do. Growth: AI-powered career tool that identifies career steps and learning opportunities Support: An internal mobility team focused on helping you achieve your career goals Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off Community: Award-winning culture of innovation and a military-friendly workplace

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, or related technical field (or equivalent practical experience).
  • 3–5 years of experience securing cloud or hybrid infrastructure environments.
  • Cloud Security Architecture Experience implementing secure configurations in GCP, AWS, Azure, or comparable cloud platforms.
  • Strong understanding of cloud identity services, IAM policy design, multi-account security strategy, and role-based access control.
  • Experience configuring logging, monitoring, and alerting services for cloud security visibility.
  • Vulnerability Management & Compliance Experience working with ACAS and vulnerability scanning tools.
  • Hands-on experience applying and validating STIGs across Linux and Windows systems.
  • Understanding of NIST, STIG, and CMMC compliance requirements in DoD environments.
  • Experience supporting vulnerability remediation and security control validation.
  • Linux & Windows Systems Strong Linux administration background (approximately 70% of environment), including system hardening, auditing, patching, and secure configuration.
  • Working knowledge of Windows Server administration and security configuration (approximately 30% of environment).
  • Experience securing virtual machines in VMware or similar virtualization platforms.
  • Kubernetes & Container Security Experience securing Kubernetes clusters, including RBAC, network policies, secrets management, and pod security standards.
  • Familiarity with container hardening and image security best practices.
  • Understanding of secure service mesh or encrypted service communication models.
  • Networking & Zero Trust Strong understanding of TCP/IP networking, firewalls, VLANs, VPNs, routing, and segmentation.
  • Experience implementing least privilege network access and micro-segmentation within cloud environments.
  • Automation & Scripting Proficiency in Bash and Python for security automation and remediation scripting.
  • Experience using Infrastructure as Code tools (Terraform, Ansible, or similar) to enforce security baselines.
  • Familiarity with CI/CD security integration and DevSecOps principles.

Nice To Haves

  • Experience supporting Army or DoD enterprise environments.
  • Experience contributing to ATO packages or security control documentation.
  • Cloud security certifications (e.g., AWS Security Specialty, Azure Security Engineer) preferred.
  • Security+ or equivalent DoD 8570 IAT Level II certification required, higher level (CASP/CISSP/CISA) preferred.

Responsibilities

  • Design and implement secure cloud architectures across hybrid environments (public cloud and private infrastructure).
  • Engineer and enforce identity and access management (IAM) solutions, including role-based access controls, least privilege enforcement, and federation models.
  • Configure and maintain cloud-native monitoring and logging solutions (e.g., CloudWatch or equivalent), ensuring visibility into security events and system health.
  • Support and remediate vulnerability findings identified through ACAS and related scanning tools.
  • Implement and validate STIG compliance across Linux and Windows systems, virtual machines, and Kubernetes clusters.
  • Harden Linux-based cloud and container hosts (primary focus) and Windows systems (secondary focus) in accordance with DoD security standards.
  • Secure Kubernetes clusters, container runtimes, and supporting infrastructure through proper network segmentation, RBAC configuration, and workload isolation.
  • Implement zero-trust principles across cloud networking and service-to-service communication.
  • Develop and maintain Infrastructure as Code (IaC) security baselines to ensure consistent and repeatable secure deployments.
  • Support security incident response activities within cloud environments, including log analysis and containment efforts.
  • Map implemented technical controls to DoD compliance frameworks including NIST 800-53, STIGs, and CMMC requirements.
  • Collaborate with platform engineers, system administrators, and cybersecurity teams to ensure secure system design and continuous compliance.

Benefits

  • Comprehensive benefits and wellness packages
  • 401K with company match
  • Competitive pay
  • Paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
  • Short and long-term disability benefits
  • Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service