Cybersecurity Assurance Engineer

Bedford, Massachusetts

Leidos
Description

Are you looking for a role where you can truly make a difference?

Leidos is committed to creating a safer world by supporting our clients in the Defense Sector to fulfill their vital missions. Our dedicated team is addressing crucial challenges globally by providing innovative solutions through diverse and talented professionals who are passionate about our customers' success. At Leidos, we believe in empowering our teams, investing in our communities, and operating sustainably, guided by our Mission, Vision, and Values.

Are you ready for your next exciting career opportunity?

The Airborne Systems Business Area of our Defense Sector has an opening for a cleared Cybersecurity Assurance Engineer to work near Hanscom AFB. This position offers a unique chance to leverage your expertise while supporting the Air Force Research Lab, Air Force Lifecycle Management Center, and various DoD missions. Your contributions will be vital in supporting a range of programs through software design and development, hardware interfacing, laboratory experimentation, and rigorous ground and flight testing to implement state-of-the-art, next-generation solutions.

Primary Responsibilities

As a crucial member of the Leidos Security Team, your responsibilities will focus on safeguarding our systems and networks against a spectrum of threats and unauthorized access. This involves actively monitoring systems for anomalies, conducting comprehensive vulnerability assessments, implementing robust security measures such as firewalls and encryption methodologies, and responding promptly to security incidents. You will conduct penetration testing, risk assessments, and security audits to pinpoint and address vulnerabilities, ensuring our compliance with industry standards and best practices.
  • Provide comprehensive accreditation support aligned with DoD cybersecurity policies, including Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs).
  • Analyze proposed operations modifications, document alternative solutions, and develop strategic and tactical cybersecurity plans and standards.
  • Oversee the management of required resources to achieve adherence to accreditation timelines.
  • Draft and maintain Standard Operating Procedures (SOPs), policies, and documentation related to patch and security update processes.
  • Evaluate compliance with relevant NIST and DoD standards for STIG and patch compliance.
  • Develop and manage a Cybersecurity Supply Chain Risk Management (C-SCRM) Plan to effectively identify and mitigate supply chain risks.
  • Conduct risk and vulnerability assessments across information systems to evaluate needs for protection.
  • Foster awareness of security issues among team members and communicate deficiencies to ISSMs and ISOs.
  • Propose and implement programs ensuring adherence to security policies and procedures by all data users.
  • Enforce adherence to information security/cybersecurity policies in all IT service delivery aspects.

Basic Qualifications
  • Active DoD TS clearance with the ability to obtain TS/SCI.
  • BA/BS or equivalent experience, with 4+ years of relevant experience, or a Master's with 2+ years in Cybersecurity/Information Technology/Computer Science.
  • DoD 8570 IASAE I or higher professional cybersecurity certification (e.g., CISSP or equivalent).
  • Strong grasp of networking principles such as OSI Model, LAN/WAN, IPv4/IPv6, subnetting, and VPN.
  • Experience with identity management tools like LDAP, SAML, and PKI.
  • Proven experience in the backup and recovery of on-prem and virtualized IT environments.
  • Experience with DoD Risk Management Framework (RMF) and managing relevant Plans of Action and Milestones (POA&Ms).
  • Familiarity with NIST cybersecurity guidelines (NIST SP 800-53 and SP 800-171).
  • Knowledge of DoD cybersecurity operations and relevant instructions/guidelines.
  • Understanding of Special Access Program (SAP) cybersecurity practices.
  • Experience creating documentation for Authorization to Operate (ATO) packages.
  • Experience working in a Software Integration Laboratory (SIL) environment.
  • Understanding of cybersecurity policies, principles, and practices.
  • User-level proficiency in navigating Linux directories and executing scripts.
  • Conducted risk and vulnerability assessments to identify critical protection needs.
  • Documented system deficiencies and recommended viable remediation solutions.
  • Participated in security evaluations, audits, and reviews.
  • Ability to rapidly assimilate new technologies essential for cybersecurity roles.
  • A passion for learning and developing new technology skills.
  • Excellent written and verbal communication skills suitable for one-on-one discussions and small group presentations.
  • Aptitude for effective multitasking in a dynamic work environment.

Preferred Qualifications
  • Active DoD TS/SCI clearance.
  • Experience with DoD Communication Security (COMSEC).
  • Interpreted system scanning tool outputs (such as Nessus) to identify optimal remediation strategies.
  • Familiarity with DevSecOps practices and Agile methodologies.
  • Experience with code scanning tools for various analyses and assessments.
  • Skilled in On-Prem and Cloud computing environments (AWS, Azure, Google Cloud).
  • Experience managing cybersecurity teams in a DoD/USAF context.
  • Knowledge of log aggregation and SIEM tools such as Splunk, ELK, or Grafana.
  • Experience with Docker and related deployment technologies like Terraform and Kubernetes.
  • Familiarity with CI/CD practices and tools like Jenkins.
  • Understanding of best practices for securing API Gateways and Endpoints.
  • Experience using Atlassian Tools Suite (Bitbucket, Confluence, JIRA).
  • Experienced in designing configurations for VNet/VLAN settings to enhance security across cloud environments.
  • Basic administration skills in Linux and Windows environments.

For U.S. Positions: This job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date.

Pay Range: $85,150.00 - $153,925.00

The Leidos pay range for this role is intended as a guideline and does not guarantee specific compensation. Several factors, including job responsibilities, education, experience, knowledge, skills, abilities, and other relevant criteria, will be considered when extending an offer.

Date Posted: 09 May 2025