Logo
Leidos Holding

Cyber Security Engineer

Leidos Holding, Bethesda, MD


Description
Are you ready to join Leidos all-star team' Through training, teamwork, and exposure to challenging technical work, let Leidos show how to accelerate your career path.

Leidos has an exciting opening for you, our next Cyber Security Engineer, to assist with the release of a state-of-the-art technology stack under the DOMEX Technology Platform (DTP) contract supporting the National Media Exploitation Center (NMEC). Have impact as part of a mission focused, solutions oriented, and adaptive team that values innovation, collaboration, and professional development. As a Cyber Security Engineer, your job is to provide technical security expertise in our cloud and on-premises infrastructure. You will lean on your experience with security technologies and industry best practices while employing effective security solutions. This exciting and challenging work will help you expand your capabilities in security and will provide you with the skills and experience you need to achieve additional levels of the DoD 8570 IAT and IASAE Certifications. While most work is conducted on-site at our client location in Bethesda, MD, we offer a flexible schedule and, occasionally, some tasks may be performed remotely. Percentage of remote work will vary based on client requirements/deliverables.

In this role, you will collaborate closely with ISSOs. ISSSMs, software engineers, software developers, system engineers and Government counterparts to perform the full spectrum of systems and cyber security engineering tasks to ensure our systems meet a variety of regulatory compliance frameworks. Key tasks include the following:
  • Perform review and analysis of cybersecurity event logs
  • Conduct and review technical cybersecurity assessments
  • Coordinate with security personnel and recommend mitigation strategies
  • Identify points of vulnerability and non-compliance with established cybersecurity standards and regulations
  • Collaborate with our DevOpsSec team to help with analyzing scan results and remediation of findings
  • Manage and maintain a library of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues
  • Perform and maintain vulnerability scans using Assured Compliance Assessment Solution (ACAS) and create reports
  • Track and report Information Assurance Vulnerability Management (IAVM) compliance using Assured Compliance Assessment Solution (ACAS)
  • Maintain Authorization to Operate (ATO) records in XACTA system
  • Manage and report Plan of Actions and Milestones (POA&M) compliance
  • Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content
  • Perform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems
  • Apply system security engineering expertise in one or more of the following to : system security design process; engineering life cycle; information domain; cross domain solutions; commercial off the-shelf and government off-the shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing;

This is you:
  • BS degree and 4+ years of prior relevant experience
  • An active TS/SCI clearance with ability to obtain a Poly
  • At least one DoD 8570.01-M IAT Level II or higher certification e.g., CCNA Security, CySA+, Security+ CE, SSCP, CISSP (or Associate)
  • 1 year of experience developing and reviewing security concept of operations, systems security plans, security risk assessments, contingency plans, configuration management plans
  • Experience configuring, running, and analyzing vulnerability scans
  • Experience with XACTA, EMass, or similar tool
  • Experience with NIST Special Publications e.g. NIST SP 800-27, 30, 37, 53, 60
  • Experience with CNSS publication CNSSI 1253
  • Experience with incident response plans, plan of actions and milestones, risk management plans, and vulnerability management plans
  • Strong analytical, communication, problem solving, and interpersonal skills
  • Experience establishing a System Security Engineering (SSE) management process to integrate security and privacy controls into complex hardware and software systems

You will wow us even more if you have these skills:
  • Software development/coding experience with programming languages such as Python, Java, and React
  • Experience with DevOpsSec pipelines and tools
  • Experience with database systems, search engines, web applications
  • Experience in a Linux Red Hat and Centos environment
  • Experience with big data applications
  • Experience with Jira and Confluence
  • Experience working in an Agile environment
  • Experience with NIST SP 800-171

Original Posting Date: 2024-10-03While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: Pay Range $101,400.00 - $183,300.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
#Featuredjob
About Leidos Leidos is a Fortune 500® innovation company rapidly addressing the world's most vexing challenges in national security and health. The company's global workforce of 47,000 collaborates to create smarter technology solutions for customers in heavily regulated industries. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $15.4 billion for the fiscal year ended December 29, 2023. For more information, visit www.Leidos.com .
Pay and Benefits Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here .
Securing Your Data Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other person a l information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected] .
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .
Commitment to Diversity All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.