Principal Pipeline Engineer

Looking for an opportunity to make an impact?

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. The Leidos National Security Sector (NSS) combines technology-enabled services and mission software capabilities in the areas of cyber, logistics, security operations, and decision analytics to support our defense and intel customers’ mission to defend against evolving threats around the world.

Your greatest work is ahead!

The Multi-domain Solutions Division (MDS) within the Leidos National Security Sector is seeking a skilled Principal Pipeline Engineer to join a new cyber security program and play a key role in supporting government-critical systems. You will be part of a program that oversees development, integration, delivery, and operations and maintenance of IT managed security services, which encompasses support to monitor the cybersecurity threat and security posture situational awareness for the enterprise. This opportunity is in anticipation of a future contract award!

What you’ll be doing:

• Design, develop, and maintain secure CI/CD pipelines that ensure the integrity of software applications and infrastructure.
• Apply strong background in DevSecOps, security automation, and cloud-native technologies, enabling them to integrate security best practices seamlessly throughout the software development lifecycle (SDLC).
• Responsible for automating security controls, identifying vulnerabilities, and ensuring that secure coding practices are enforced across all stages of the pipeline.
• Responsible for writing and maintaining source code, creating and maintaining software applications and applying frameworks involved in a software release. 
• Computer programming, documenting, managing configuration, testing, and bug fixing involved in creating and maintaining applications and frameworks involved in a software release life cycle and resulting in a software product. 
• Work to achieve key project/program objectives and deliverables. 
• Manage large projects or processes with moderate impact on the achievement of sub-family results.
• Design, implement, and maintain secure CI/CD pipelines with integrated security controls to identify vulnerabilities early in the development process.
• Automate security testing (SAST, DAST, IAST) and compliance checks at each stage of the pipeline.
• Ensure that security gates and policies are enforced without compromising the speed and agility of development processes.
• Embed security best practices into CI/CD pipelines, infrastructure as code (IaC), and containerization workflows.
• Develop and maintain automated security tools for vulnerability scanning, container security, and code analysis.
• Collaborate with development and operations teams to promote a culture of security awareness and proactive risk management.
• Identify, analyze, and mitigate security vulnerabilities in application code, containers, and cloud infrastructure.
• Conduct regular security assessments and audits to ensure compliance with industry standards (e.g., ISO, NIST, CIS, SOC2).
• Define and enforce security policies to mitigate risks and ensure data protection in production environments.
• Secure cloud environments (AWS, Azure, GCP) by applying infrastructure-as-code security best practices.
• Implement robust access control, encryption, and monitoring solutions to protect sensitive data and assets.
• Continuously assess and enhance the security posture of cloud-based deployments.
• Establish real-time monitoring, alerting, and logging solutions to detect and respond to potential threats.
• Develop automated incident response playbooks to quickly contain and mitigate security breaches.
• Work with Security Operations teams to ensure effective incident response and forensics processes.
• Collaboration & Knowledge Sharing:
• Collaborate with developers, operations teams, and security engineers to enhance security awareness and enforce secure coding practices.
• Provide technical guidance and mentoring to junior engineers on secure pipeline practices.
• Develop and maintain security documentation and best practice guidelines for CI/CD pipelines.

What does Leidos need from me?

• Active Top Secret/SCI (TS/SCI) with Polygraph security clearance required. Must be U.S. Citizen.
• Bachelor's degree and 8 to 12 years of prior relevant experience or Master's with 6 to 10 years of prior relevant experience. Experience may be considered in lieu of a degree.
• Understanding of DoD IT security protocols and requirements
• Proficiency with CI/CD tools such as Jenkins, GitLab CI, GitHub Actions, Azure DevOps, or similar platforms.
• Strong knowledge of security tools and frameworks
• Hands-on experience with infrastructure as code (IaC) tools like Terraform, Ansible, and CloudFormation.
• Solid understanding of cloud security best practices across AWS, Azure, or GCP.
• Proficiency in scripting languages (Python, Bash, etc.) for automation and integration.
• Experience with containerization technologies such as Docker and orchestration tools like Kubernetes.
• Strong analytical and problem-solving skills with a passion for cybersecurity.

Favorable if you have:

• Certifications such as AWS Certified Security, Certified Kubernetes Security Specialist (CKS), GIAC Cloud Security Automation (GCSA), or equivalent.
• Experience with secret management tools (e.g., HashiCorp Vault, AWS Secrets Manager).
• Familiarity with compliance standards and frameworks such as PCI-DSS, HIPAA, SOC 2, and GDPR.
• Experience with security event monitoring, logging, and SIEM solutions.

Original Posting:

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.