Cloud Security Engineer (Cloud & Hybrid Infrastructure)

Own your opportunity to serve as a critical component of our nation’s safety and security. Make an impact by designing, implementing, and enforcing secure cloud architectures that protect mission systems and enterprise infrastructure.

At GDIT, people are our differentiator. As a Cloud Security Engineer, you will help ensure today is safe and tomorrow is smarter.

GDIT is seeking a technically strong and mission-focused Cloud Security Engineer to support USAREUR-AF. This role is responsible for implementing and enforcing a robust security posture across hybrid cloud and on-premise environments. The ideal candidate is a hands-on engineer with deep Linux expertise, strong cloud identity management experience, and a working knowledge of DoD security compliance frameworks.

HOW A CLOUD SECURITY ENGINEER WILL MAKE AN IMPACT

The Cloud Security Engineer will design, implement, and sustain security controls across cloud infrastructure, Kubernetes platforms, virtualized environments, and supporting systems. This role focuses on secure architecture implementation, identity and access management, vulnerability remediation, STIG enforcement, and continuous monitoring.

Key responsibilities include:

• Design and implement secure cloud architectures across hybrid environments (public cloud and private infrastructure).

• Engineer and enforce identity and access management (IAM) solutions, including role-based access controls, least privilege enforcement, and federation models.

• Configure and maintain cloud-native monitoring and logging solutions (e.g., CloudWatch or equivalent), ensuring visibility into security events and system health.

• Support and remediate vulnerability findings identified through ACAS and related scanning tools.

• Implement and validate STIG compliance across Linux and Windows systems, virtual machines, and Kubernetes clusters.

• Harden Linux-based cloud and container hosts (primary focus) and Windows systems (secondary focus) in accordance with DoD security standards.

• Secure Kubernetes clusters, container runtimes, and supporting infrastructure through proper network segmentation, RBAC configuration, and workload isolation.

• Implement zero-trust principles across cloud networking and service-to-service communication.

• Develop and maintain Infrastructure as Code (IaC) security baselines to ensure consistent and repeatable secure deployments.

• Support security incident response activities within cloud environments, including log analysis and containment efforts.

• Map implemented technical controls to DoD compliance frameworks including NIST 800-53, STIGs, and CMMC requirements.

• Collaborate with platform engineers, system administrators, and cybersecurity teams to ensure secure system design and continuous compliance.

WHAT YOU’LL NEED TO SUCCEED

Education

Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, or related technical field (or equivalent practical experience).

Required Experience

3–5 years of experience securing cloud or hybrid infrastructure environments.

Required Technical Skills

Cloud Security Architecture

• Experience implementing secure configurations in GCP, AWS, Azure, or comparable cloud platforms.

• Strong understanding of cloud identity services, IAM policy design, multi-account security strategy, and role-based access control.

• Experience configuring logging, monitoring, and alerting services for cloud security visibility.

Vulnerability Management & Compliance

• Experience working with ACAS and vulnerability scanning tools.

• Hands-on experience applying and validating STIGs across Linux and Windows systems.

• Understanding of NIST, STIG, and CMMC compliance requirements in DoD environments.

• Experience supporting vulnerability remediation and security control validation.

Linux & Windows Systems

• Strong Linux administration background (approximately 70% of environment), including system hardening, auditing, patching, and secure configuration.

• Working knowledge of Windows Server administration and security configuration (approximately 30% of environment).

• Experience securing virtual machines in VMware or similar virtualization platforms.

Kubernetes & Container Security

• Experience securing Kubernetes clusters, including RBAC, network policies, secrets management, and pod security standards.

• Familiarity with container hardening and image security best practices.

• Understanding of secure service mesh or encrypted service communication models.

Networking & Zero Trust

• Strong understanding of TCP/IP networking, firewalls, VLANs, VPNs, routing, and segmentation.

• Experience implementing least privilege network access and micro-segmentation within cloud environments.

Automation & Scripting

• Proficiency in Bash and Python for security automation and remediation scripting.

• Experience using Infrastructure as Code tools (Terraform, Ansible, or similar) to enforce security baselines.

• Familiarity with CI/CD security integration and DevSecOps principles.

Preferred Qualifications

• Experience supporting Army or DoD enterprise environments.

• Experience contributing to ATO packages or security control documentation.

• Cloud security certifications (e.g., AWS Security Specialty, Azure Security Engineer) preferred.

• Security+ or equivalent DoD 8570 IAT Level II certification required, higher level (CASP/CISSP/CISA) preferred.

Position Summary

This role is ideal for a Cloud Security Engineer who is a technical implementer first and policy-aware second. The successful candidate will actively engineer and enforce security controls across cloud and hybrid environments, ensuring infrastructure is hardened, compliant, and resilient against threats. This position balances deep hands-on platform engineering (approximately 66%) with security governance alignment and policy enforcement responsibilities (approximately 33%).

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

• Growth: AI-powered career tool that identifies career steps and learning opportunities

• Support: An internal mobility team focused on helping you achieve your career goals

• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off

• Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore an enterprise IT career at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your desire to drive operations forward.