Type of Requisition:

Regular

Clearance Level Must Currently Possess:

Secret

Clearance Level Must Be Able to Obtain:

Secret

Public Trust/Other Required:

None

Job Family:

IT Infrastructure and Operations:

Job Qualifications:

Skills:

Cloud Security Architecture, Security Controls, Security Practices

Certifications:

None

Experience:

5 + years of related experience

US Citizenship Required:

Yes

Job Description:

Own your opportunity to serve as a critical component of our nation’s safety and security. Make an impact by designing, implementing, and enforcing secure cloud architectures that protect mission systems and enterprise infrastructure.

At GDIT, people are our differentiator. As a Cloud Security Engineer, you will help ensure today is safe and tomorrow is smarter.

GDIT is seeking a technically strong and mission-focused Cloud Security Engineer to support USAREUR-AF. This role is responsible for implementing and enforcing a robust security posture across hybrid cloud and on-premise environments. The ideal candidate is a hands-on engineer with deep Linux expertise, strong cloud identity management experience, and a working knowledge of DoD security compliance frameworks.

HOW A CLOUD SECURITY ENGINEER WILL MAKE AN IMPACT

The Cloud Security Engineer will design, implement, and sustain security controls across cloud infrastructure, Kubernetes platforms, virtualized environments, and supporting systems. This role focuses on secure architecture implementation, identity and access management, vulnerability remediation, STIG enforcement, and continuous monitoring.

Key responsibilities include:

• Design and implement secure cloud architectures across hybrid environments (public cloud and private infrastructure).

• Engineer and enforce identity and access management (IAM) solutions, including role-based access controls, least privilege enforcement, and federation models.

• Configure and maintain cloud-native monitoring and logging solutions (e.g., CloudWatch or equivalent), ensuring visibility into security events and system health.

• Support and remediate vulnerability findings identified through ACAS and related scanning tools.

• Implement and validate STIG compliance across Linux and Windows systems, virtual machines, and Kubernetes clusters.

• Harden Linux-based cloud and container hosts (primary focus) and Windows systems (secondary focus) in accordance with DoD security standards.

• Secure Kubernetes clusters, container runtimes, and supporting infrastructure through proper network segmentation, RBAC configuration, and workload isolation.

• Implement zero-trust principles across cloud networking and service-to-service communication.

• Develop and maintain Infrastructure as Code (IaC) security baselines to ensure consistent and repeatable secure deployments.

• Support security incident response activities within cloud environments, including log analysis and containment efforts.

• Map implemented technical controls to DoD compliance frameworks including NIST 800-53, STIGs, and CMMC requirements.

• Collaborate with platform engineers, system administrators, and cybersecurity teams to ensure secure system design and continuous compliance.

WHAT YOU’LL NEED TO SUCCEED

Education

Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, or related technical field (or equivalent practical experience).

Required Experience

3–5 years of experience securing cloud or hybrid infrastructure environments.

Required Technical Skills

Cloud Security Architecture

• Experience implementing secure configurations in GCP, AWS, Azure, or comparable cloud platforms.

• Strong understanding of cloud identity services, IAM policy design, multi-account security strategy, and role-based access control.

• Experience configuring logging, monitoring, and alerting services for cloud security visibility.

Vulnerability Management & Compliance

• Experience working with ACAS and vulnerability scanning tools.

• Hands-on experience applying and validating STIGs across Linux and Windows systems.

• Understanding of NIST, STIG, and CMMC compliance requirements in DoD environments.

• Experience supporting vulnerability remediation and security control validation.

Linux & Windows Systems

• Strong Linux administration background (approximately 70% of environment), including system hardening, auditing, patching, and secure configuration.

• Working knowledge of Windows Server administration and security configuration (approximately 30% of environment).

• Experience securing virtual machines in VMware or similar virtualization platforms.

Kubernetes & Container Security

• Experience securing Kubernetes clusters, including RBAC, network policies, secrets management, and pod security standards.

• Familiarity with container hardening and image security best practices.

• Understanding of secure service mesh or encrypted service communication models.

Networking & Zero Trust

• Strong understanding of TCP/IP networking, firewalls, VLANs, VPNs, routing, and segmentation.

• Experience implementing least privilege network access and micro-segmentation within cloud environments.

Automation & Scripting

• Proficiency in Bash and Python for security automation and remediation scripting.

• Experience using Infrastructure as Code tools (Terraform, Ansible, or similar) to enforce security baselines.

• Familiarity with CI/CD security integration and Dev Sec Ops principles.

Preferred Qualifications

• Experience supporting Army or DoD enterprise environments.

• Experience contributing to ATO packages or security control documentation.

• Cloud security certifications (e.g., AWS Security Specialty, Azure Security Engineer) preferred.

• Security+ or equivalent DoD 8570 IAT Level II certification required, higher level (CASP/CISSP/CISA) preferred.

Position Summary

This role is ideal for a Cloud Security Engineer who is a technical implementer first and policy-aware second. The successful candidate will actively engineer and enforce security controls across cloud and hybrid environments, ensuring infrastructure is hardened, compliant, and resilient against threats. This position balances deep hands-on platform engineering (approximately 66%) with security governance alignment and policy enforcement responsibilities (approximately 33%).

GDIT IS YOUR PLACEAt GDIT, the mission is our purpose, and our people are at the center of everything we do.

• Growth: AI-powered career tool that identifies career steps and learning opportunities

• Support: An internal mobility team focused on helping you achieve your career goals

• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off

• Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITYExplore an enterprise IT career at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your desire to drive operations forward.

The likely salary range for this position is $102,000 - $138,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Total compensation for international positions varies by tax, social security, and immigration statuses, as well as location. Generally, an international assignment may include allowances, premium uplifts, and/or relocation or transportation benefits, above base salary range noted.

Scheduled Weekly Hours:

40

Travel Required:

Less than 10%

Telecommuting Options:

Onsite

Work Location:

• DEU Wiesbaden
• Wiesbaden Army Airfield (APC180)

Additional Work Locations:

Total Rewards at GDIT:

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at
gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans