Description Leidos invites you to explore a unique opportunity as a Subject Matter Expert in Cyber Security Engineering within our
National Security Sector's (NSS) Cyber & Analytics Business Area (CABA). Our team leads the way in Security Engineering, Computer Network Operations (CNO), Mission Software, Analytical Methods and Modeling, Signals Intelligence (SIGINT), and Cryptographic Key Management. We offer an array of competitive benefits such as Paid Time Off, 11 paid Holidays, a 401K plan with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, among others.
Join Leidos and play a crucial role in enhancing National Security. Job Description: In this role, you will deliver information security solutions in accordance with the Risk Management Framework (RMF) and ICD 503 Security Accreditation controls as part of a dedicated Agile team. Your primary responsibilities will include collaborating with the customer security organization to ensure adherence to RMF processes, translating policies into operational procedures, leveraging appropriate tools in the DevSecOps CI/CD Pipeline, and generating body of evidence (BOE) information for security approvals. Additionally, you may be required to undertake part-time Information System Security Officer (ISSO) tasks. You will install and maintain security scanning tools, perform security scans, review scan results, and support information system security officers (ISSOs). We also value cross-training opportunities to provide support in systems engineering, software development, training, security, and testing.
Primary Responsibilities: As part of our team, you will safeguard the organization's information and information systems against unauthorized access, use, disclosure, disruption, modification, inspection, and destruction. Key duties include:
- Ensuring Cyber Security and Compliance & Risk Management.
- Identifying and defining system security requirements.
- Designing computer security architectures and developing detailed cyber security designs.
- Preparing and documenting standard operating procedures and protocols.
- Configuring and troubleshooting security infrastructure devices.
- Developing technical solutions and innovative security tools to mitigate vulnerabilities and automate routine tasks.
Basic Qualifications: - Minimum of 5 years of experience in system engineering or system administration.
- Experience in coordinating with RMF stakeholders (ISSMs, SCAs, etc.) for system testing, documentation, and accreditation throughout the development lifecycle.
- Proficiency in conducting vulnerability scanning and providing reports to the IT team while tracking remediation efforts.
- Ability to proactively identify security vulnerabilities and flaws.
- Continuously monitoring security bulletins to stay informed of current threats and trends.
- Tracking Common Vulnerabilities and Exposures (CVE) and aligning them with internal controls and remediation efforts.
- Conducting secure configuration audits of systems.
- Investigating and responding to cybersecurity incidents, implementing forensic investigations as necessary.
- Monitoring system and network security using Security Information and Event Management (SIEM) tools.
- Engaging in data and root cause analysis for service-impacting incidents with a focus on corrective action.
- Additional duties as assigned.
- Possession of at least 2 relevant certifications (CISSP, Splunk, Network+, Security+, OSCP, Windows, Cisco, CEH, Juniper, RHEL).
- A Bachelor's degree with 12 or more years of relevant experience or a Master's with 10 or more years of relevant experience is required. Equivalent experience may be considered in lieu of a degree.
- Active TS/SCI with polygraph clearance is a must.
Preferred Qualifications: - Experience with at least one vulnerability scanning tool (e.g., AWS Inspector, Rapid 7 Nexpose, AppDetective, WebInspect, OWASP).
- Familiarity with Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST).
- Experience with SIEM and Cloud Computing Technologies (AWS).
- Prior experience in Agile Software Development.
- Proficient in using HBSS, IDS/IPS, VPNs, and DISA STIGs.
- Familiarity with RHEL and system health tools (AppDynamics, SolarWinds).
- Knowledge of potential attack vectors such as XSS, injection, hijacking, and social engineering.
- Experience with Splunk, including creating dashboards, is a plus.
- Experience with OS patching and the Linux command line.
- Proficiency in Microsoft Windows.
- Automation experience is an advantage.
At
Leidos, we believe in the endless potential of our employees. We offer exciting assignments that foster both professional and personal growth. Your career advancement is important to us. We look forward to your application.
CABARESTON
Original Posting: March 31, 2025
For U.S. Positions: While subject to change based on business needs, Leidos anticipates that this job listing will remain open for at least 3 days, closing no earlier than 3 days following the original posting date.
Pay Range: Pay Range $126,100.00 - $227,950.00
The Leidos pay range for this job level serves as a general guideline and does not guarantee compensation. Additional factors such as job responsibilities, education, experience, skills, and market data considerations will influence the final offer.