Lead SMTP Engineer

Leidos is hiring an energetic, motivated, innovative individual to be a part of our team supporting Centers for Medicare and Medicaid Services (CMS) in Baltimore, MD. The Lead SMTP Engineer works closely with the teams to manage, maintain, and optimize performance, durability, and cost to best support CMS and the general public. You will deliver solutions that ultimately ensure that the functions of Medicare, Medicaid, and Marketplace are carried out for the and contribute to efforts to reduce healthcare costs.

With a "no downtime, zero outages" vision and mantra, we support a range of hybrid and multi-cloud based application needs, ranging from managed services to self-service, all of which are based on our customer's required level of support.

A Lead SMTP Engineer should have a deep understanding of the SMTP protocol, including error codes, headers, and message lifecycle. Furthermore, they should have a strong knowledge of several MTAs such as Postfix, Sendmail, Exim, Exchange Edge Transport, OpenSMTP, MailEnable, as well as commercial MTAs such as Cisco ESA (IronPort), Proofpoint, Barracuda, and FortiMail. Additionally, an SMTP engineer should understand mechanisms for managing mail flow, in terms of volume, prioritization, queue-handling, and creating policies adapted to lifecycle requirements. You will be required to develop solutions that are highly innovative and achieved through research and integration of industry best practices. You will influence the development of solutions that impact strategic project/program goals and business results while also leading work of other technical staff. You will resolve highly complex problems using significant application of technical knowledge, conceptualizing, reasoning and interpretation. You will interact daily with various technical resources across different vendors which are fulfilling technical requirements for the customer.

Your goal will be to work with all stakeholders to help Leidos ensure delivery of high-quality, robust, and scalable solutions with minimal business impact. Lastly and most importantly, you will represent our program when meeting with the Application Development Organizations (ADO) and identify opportunities to provide support as well as modernization and innovation opportunities for their application.

The current work environment is remote, leveraging various tools such as Slack, Microsoft Teams, and Zoom.

Primary Responsibilities:

• Build and maintain products focused on application development lifecycle automation.
• Work with the cloud, security, testing, and application teams to build orchestration pipelines.
• Build, support, and maintain CI/CD pipelines that conduct multiple deployments a day.
• Provide guidance and stewardship in Agile and DevOps practices that maximize flow.
• Contribute to a culture of continuous improvement by establishing and participating in feedback loops.
• Meet with ADOs on a regular cadence to provide support and identify opportunities for optimization.
• Serve as a main point of contact for all technical needs and become the subject matter expert of the applications the team manages.
• Provide consult and leadership to Mid-level and Jr. SMTP team members and application teams.
• Become a subject matter expert with CMS Hybrid Cloud and CMS Enterprise Shared Service offerings.
• Develop strong relationships and partnerships with the other CMS Hybrid Cloud Product Teams.
• Continuously refresh infrastructure components such as EC2 instances, Cloud Formation Stacks, Kubernetes clusters, containers, etc.
• Promote strong quality control practices for all managed services as well as maintain robust documentation.
• Build and support components of a microservice based architecture.
• Work independently to resolve highly complex problems using significant application of technical knowledge, conceptualizing, reasoning, and interpretation.
• Apply Product Management principles to develop, maintain, optimize, and evangelize various products across the CMS ecosystem.
• Evangelize internally and to the customer the value propositions of products built.
• Influence development of solutions that impact strategic project/program goals and business results while also leading work of other technical staff.
• Conduct formal presentations on platform innovative solutions to the Architecture Review Board.
• Work closely with team manager on strategic initiatives of platform services from initial onboarding to the long-term support of ADO's platform services.
• Serve as the technical owner and SME for enterprise SMTP relays across on-prem and AWS environments, ensuring secure, reliable, and scalable email delivery for high-volume use cases.
• Manage and continuously update Postfix configurations across multiple relay clusters; enforce rate limiting, IP reputation controls, and downstream system protections (e.g., ECIS IronPort).
• Proactively monitor email traffic and build custom dashboards in Splunk and Datadog to detect misuse, anomalies, or policy violations. Implement remediation actions via automated and manual rule sets.
• Collaborate with application and DevOps teams to onboard and support their email relay usage - ensuring all integrations adhere to defined standards and policies, including TLS/cipher enforcement, IP allow-listing, and identity tagging.
• Work cross-functionally with security, compliance, and infrastructure teams to enforce policies and drive continuous improvements in our email security posture.
• Provide detailed guidance, documentation, and support to internal teams using the relays - acting as the first and last point of escalation for all SMTP-related queries and incidents.
• Assist development teams in tracking email delivery to their end recipients. Troubleshoot and resolve delivery issues by leveraging logs, dashboards, and relay metrics to provide clear RCA and resolution paths.
• Conduct periodic audits, policy reviews, and post-incident analysis to evolve the relay service architecture and eliminate blind spots.

Basic Qualifications:

• BS degree and 12+ years of prior relevant experience or Master's with 10+ years of prior relevant experience. Experience may be substituted in lieu of degree.
• Cloud Certification (e.g., AWS DevOps Professional, Azure Administrator).
• Experience in mail security and compliance, especially around SPF, DKIM, and DMARC implementation, enforcement of secure SMTP comms (STARTTLS, opportunistic and enforced TLS, MTA-STS, DANE, and TLS troubleshooting), anti-spam/anti-phishing best practices, black/listing, and filtering application.
• Demonstrate experience in providing stellar customer support and meeting customer SLA's.
• Knowledge of cloud-based security tools, best practices and policies including demonstrated experience protecting all layers of the application stack.
• Knowledge of the Software Delivery Life Cycle (SDLC).
• Cloud cost structures and basic FinOps knowledge.
• Strong and relevant experience in cloud technologies, cloud services, IaC, cloud storage, cloud networking and cloud security.
• Extensive experience with Cloud tools like Terraform, Helm, Steampipe, etc.
• Extensive experience with container build and orchestration: Kubernetes and/or Docker Swarm.
• Build and Configuration Management Tools: Jenkins, GitLab, GitHub, Ansible, Puppet, Chef, Terraform, Git.
• Strong knowledge and experience with Cloud IaaS, PaaS, and SaaS offerings.
• Extensive experience with AWS/Azure CLI, shell languages (e.g., Bash, PowerShell), and formal programming languages (e.g., Python, Golang, Rust).
• Strong experience with containers (Docker, ECS, EKS), serverless (Lambda), and Virtual Machine architecture.
• Capable of providing technical leadership and mentorship.
• Ability to manage conflict effectively.
• Ability to adapt and be productive in a fast-paced dynamic environment.
• Excellent writing and communication and collaboration skills supporting multiple stakeholders and business operations.
• Self-starter, self-managed, and a team player.

Preferred Qualifications:

• Expert level cloud certification (e.g. AWS Solutions Architect Professional, AZ-400).
• Certified Email Security Specialist (CESS).
• Linux+/RHCSA/LPIC-1/LPIC-2/RHCE.
• Experience with implementing platform services in a hybrid cloud hosting environment.
• Agile-based knowledge and skill, including experience with Scrum Ceremonies and work management tools (e.g. JIRA, Confluence).
• Security Skills-Knowledge of information assurance compliance and information security basics within CMS.

Required Clearance:

• Ability to obtain a Public Trust clearance.

All candidates supporting the CMS programs must have lived in the United States at least three (3) out of the last five (5) years prior in order to be considered.

Original Posting:
May 2, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:
Pay Range $112,450.00 - $203,275.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.