GenAI Cloud Engineer

Description

The Civil Group at Leidos has an opening for an early career GenAI Cloud Engineer to help design, secure, and automate an AWS contact center platform that uses Amazon Connect, Lex V2, Amazon Q in Connect, Contact Lens, Bedrock, Open Search, and Lambda (Python). This is a cloud infrastructure/security engineering role, and you will write and maintain Python code and Infrastructure as Code (IaC) to build secure, compliant foundations;

integrate AI services; and help improve customer experience through robust automation and guardrails. You will work with senior engineers to implement a security first architecture that deflects customer contacts with voice/chat bots and provides agents real time AI assistance. This is an exciting opportunity to grow your software skills while gaining hands on experience with cloud networking, encryption, identity, observability, and GenAI safety controls in a mission environment.

• Build secure, automated foundations (under guidance):

  • Author Infrastructure-as-Code (e.g. Cloud Formation) to provision VPCs, private subnets, and interface VPC endpoints (Private Link) for Bedrock, Open Search, S3, KMS, Cloud Watch, Lambda, Secrets Manager, STS, and Event Bridge.
  • Stand up encrypted S3 buckets, KMS CMKs, bucket/key policies, and logging baselines (Cloud Watch, Cloud Trail).
  • Contribute to IAM least privilege roles, permission boundaries, and service principals for Connect, Q in Connect, Contact Lens, Lambda, and Open Search.

• Develop and maintain Python (serverless) services:

  • Write Lambda functions for Bedrock orchestration, Open Search indexing/queries, knowledge sync hooks, and post contact summarization.
  • Implement unit/integration tests, structured logging, error handling, and cost/latency guards; enable Model Invocation Logging for Bedrock.

• Amazon Connect stack enablement:

  • Assist with instance configuration, Contact Lens (real time and post contact) enablement and redaction policies, S3 exports, and Event Bridge events.
  • Configure Lex V2 bots, conversation logging, and Connect flow integration, including safe generative fallback patterns.
  • Help enable Amazon Q in Connect domains, KMS encryption, knowledge source integrations, and step by step guides.

• Data and AI safety controls:

  • Implement Bedrock and Q guardrails and prompt templates; enforce PII minimization and safe fallbacks; participate in prompt evaluation and regression tests.
  • Support privacy/compliance controls (data retention, redaction, access reviews) and contribute to threat modeling and remediation of findings.

• Search and analytics:

  • Assist with provisioning and configuring Open Search Service (VPC only, KMS), vector/keyword indices, and lifecycle/snapshot policies.
  • Build ingestion pipelines (Lambda or Open Search Ingestion) for knowledge content; tune analyzers/synonyms under direction.

• Web and chat entry:

  • Contribute to Cloud Front + WAF configurations for the chat front door, rate limits/bot control, and origin access policies.

• Dev Sec Ops  and operations:

  • Use Git operations, CI/CD, and code reviews; maintain runbooks, diagrams, and SOPs.
  • Participate in on call rotations and incident response drills as needed; implement alarms/dashboards (e.g., Cloud Watch) for deflection, AHT, and model usage.

• Bachelor's degree in Computer Science, Engineering, or related field and 2-4 years of relevant experience; or a Master's with