IT Security Engineer

Falls Church, VA, United States

Description

Join us at Leidos, where your most important work is ahead! You will enjoy great benefits such as paid time off (PTO), flexible schedules, discounted stock purchase plans, career growth, unlimited education and training support, parental paid leave and more! You will have the opportunity to work under the best leadership in the industry at all levels; where supporting their employees and what they do… is what matters.

Leidos is currently seeking a Senior Cyber Security Engineer to join our team of Cyber Security Engineers / ISSEs supporting our customer’s mission critical systems and networks. The Cyber Security Engineer will interface daily with multiple system owners, engineers and security teams.  This position is responsible for providing engineering expertise and guidance for the design, development, and implementation of IT security solutions that protects and monitors critical mission networks and systems. The Cyber Security Engineer will support enhancements to system security architecture and cyber security capabilities and manage multiple system security plans for development, test and production systems to support Assessment and Authorization (A&A) security requirements. The candidate must have a solid understanding of cyber security and engineering best practices.

Primary Responsibilities:

The Cyber Security Engineer is responsible for researching, evaluating, planning, designing, engineering, and delivering cybersecurity solutions. This includes:

Review and ensure compliance with customer security policies and requirements.

Review new and existing system designs for compliance with security standards and best practices.

Conduct vulnerability assessments and security scans on both systems and networks to identify and mitigate security vulnerabilities.

Remediation and mitigation of identified vulnerabilities by developing plan of action and milestones (POA&Ms).

Analyze and mitigate network-related risks.

Manage and review security logs and taking required actions.

Lead system and application architects through security acceptance testing.

Provide architectural and technical guidance and recommendations for securing systems and networks.

Implement securing and hardening recommendations.

Implement an information security framework.

Produce threat reports.

Document and communicate security policy to enterprise organizations and gain organization commitment for security plans.

Conduct research on emerging technologies in support of enterprise operations. Ensure new and existing products conform to information security policies, standards, and best practices.

Req uired Qualifications:

Must have an active TS/SCI with Polygraph to be considered for this role.

Ability to satisfy a government-administered high-risk role screening.

Bachelor’s degree in Computer Science, Information Technology, Computer Forensics, Cyber Security, Information Security System Engineering or similar field with 12+ years of experience. Additional experience may be substituted in lieu of a degree.

Knowledge of networking environments and related technologies to include, but not limited to routing, switching, VLANs, subnets, firewalls, Windows operating systems, LINUX/UNIX-based operating systems, common networking protocols, and common enterprise technologies.

Understanding of IT security principals, technologies, best practices to include logical access control, PKI and other encryption methods, network-based and host-based IDS/IPS, security configuration baselines, auditing, vulnerability discovery, and management.

Experience with scanning and elevation tools (Nessus, Retina, Wireshark, NMAP, etc.).

Experience successfully implementing advanced cyber security technologies in a complex environment.

Experience developing and implementing information security controls, procedures, and documentation for the operations of systems.

Experience accrediting systems following the Risk Management Framework.

Experience documenting systems' adherence to NIST Special Publication 800-53, Security and Privacy Controls for Information Systems and Organizations.

Experience with ongoing Authorizations and Assessments (A&A) and continuous monitoring.

In-depth technical experience with network infrastructure, operating systems, database, and web applications.

Demonstrated experience in testing and implementing network vulnerability and protection.

Senior-level knowledge of information security concepts, policy frameworks, and best practices.

Must be highly organized and self-motivated with excellent documentation skills and the ability to work with minimal supervision.  Candidate should be able to communicate effectively with customers and team members at all levels.

Desired Qualifications

Information Assurance Certifications (i.e., CISSP, CISA, GIAC, Security +, Certified Ethnical Hacker, etc.)

CISCO CCNA, CCNP or CCIE certified.

In-depth knowledge of Linux operating system variants.

Knowledge of scripting language (Perl and/or Bash).

Experience with CISCO and Juniper Networks.

Knowledge of Agile development using SAFe

Experience using Atlassian tool suite to include JIRA and Confluence to track activities and knowledge management documentation.

Original Posting Date: 2024-03-26 While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: Pay Range $122,200.00 - $220,900.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.