Information Assurance Engineer

Primary Responsibilities

As part of the Leidos Security Team you will be responsible for safeguarding the organizations systems and networks against threats breaches and unauthorized access. This includes monitoring systems for unusual activity conducting vulnerability assessments implementing security measures such as firewalls and encryption protocols and responding to security incidents. You will be expected to perform penetration testing risk analysis and security audits to identify and mitigate vulnerabilities ensuring compliance with industry regulations and best practices. Additionally you will be maintaining security tools developing incident response plans and collaborating with both system owners and government partners to enhance the overall cybersecurity posture. Qualified candidates will have knowledge experience and demonstrated ability to perform tasks related to assessing securing and monitoring IT systems. Candidates will have the ability to work independently and apply the proper procedures and process related to their area of expertise. You will assist the ISSM in the development of Risk Management Framework (RMF) security package documentation such as System Security Plans (SSP) Standard Operating Procedures (SOPs) security control assessments selfinspections and any relevant Plans of Action and Milestones (POAMs).

• Manages and provides full accreditation support to meet DoD cybersecurity policies including Security Technical Implementation Guides (STIGs) Security Requirements Guides (SRGs)

• Conducts studies and analysis of proposed operations modifications identifies and documents alternative operations solutions develops strategic and tactical plans strategies and standards. Assists with development and maintenance of the System Security Engineering Plan Cybersecurity Plan Security assessment Report operating procedures Plan of Action and Milestones (POA&Ms) Risk Assessment Report and all associated artifacts to obtain accreditation.

• Provides management of resources and ensures schedules are met to achieve accreditation.

• Author and maintain Standard Operating Procedures (SOPs) policies and appropriate patch/security documentation including policies detailing patch and security update processes and procedures.

• Assess compliance with relevant NIST and DoD standards for STIG and patch compliance.

• Develops and maintains a Cybersecurity Supply Chain Risk Management (CSCRM) Plan that properly identifies and mitigates supply chain risks and utilizes all current and successor publications (e.g. NIST 800161 and NIST 80053).

• Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities risks and protection needs of Windows and Linux systems

• Promote awareness of security issues and communication of deficiencies to ISSMs and ISOs.

• Recommend and implement programs to ensure that systems networks and data users are aware of understand and adhere to systems security policies and procedures

• Ensure the rigorous application of information security/cybersecurity policies principles and practices in the delivery of all IT services.

Basic Qualifications

• Must have an active DoD TS clearance with the ability to obtain TS/SCI

• BA/BS or equivalent experience and 4 years of prior relevant experience or Masters with 2 years or prior relevant experience in Cybersecurity/Information Technology/Computer Science

• DoD 8570 IASAE I or higher professional cybersecurity certification (aka CISSP or equivalent)

• Strong understanding of networking concepts such as OSI Model LAN/WAN IPv4/IPv6 subnetting VLANs edge services & pointtopoint VPN

• Experience with identity management & authentication tools such as LDAP SAML and PKI

• Experience with backup and recovery of onprem and virtualized IT infrastructure

• Experience with the DoD Risk Management Framework (RMF) including assessment of risks and the managing interpreting and updating Plans of Action and Milestones (POA&Ms)

• Familiarity and experience with NIST cybersecurity guidelines including NIST SP 80053 and SP 800171

• Familiarity and experience with DoD cybersecurity operations including DoD and USAF instructions/guidelines

• Familiarity and experience with Special Access Program (SAP) cybersecurity JSIG and Operational Security (OPSEC) practices

• Experience creating the body of evidence for an ATO package

• Experience working in a SIL environment

• Strong understanding of information security and cybersecurity policies principles and practices in the delivery of all IT services.

• User level experience in traversing Linux directories and executing scripts.

• Experience in risk and vulnerability assessments of information systems to identify vulnerabilities risks and protection needs.

• Experience in documenting system deficiencies and recommending solutions for remediation.

• Experience with participating in security evaluations audits and reviews.

• Be able to learn new technologies and skills that are essential to cybersecurity roles and responsibilities.

• Strong desire to grow and learn new technologies.

• Ability to communicate effectively in writing and verbally from informal oneonone discussions or in a small group environment.

• Ability to work within a dynamic work environment ability to handle multiple tasks at once (multitask)

Preferred Qualifications.

• Active DoD TS/SCI clearance

• Familiar with DOD Communication Security (COMSEC)

• Experience interpreting system scanning tool outputs/assessments (Nessus SCAP Evaluate STIG etc.) and determining the optimal means for cybersecurity findings remediation

• Experience with DevSecOps Agile software development and the SAFe Agile methodology

• Familiarity with code scanning tools for Static Code Analysis Third Party Code Provenance Third Party Dependencies Software Vulnerabilities Container Health Assessment and Dynamic Code Analysis

• Experience with OnPrem and Cloud (AWS Azure Google Cloud etc.) computing environments

• Familiarity and experience managing cybersecurity teams in a DoD/USAF operational environment

• Familiarity with log aggregation and SIEM tools such as Splunk ELK Grafana Solar Winds etc.

• Experience with Docker container and deployment technologies such as Terraform Kubernetes OpenShift Helm EKS AKS

• Familiarity with Jenkins CI/CD pipeline code building and tools and gating principles

• An understanding of the hardening of API Gateways and API Endpoints

• Atlassian Tools Suite experience (Bitbucket Confluence JIRA)

• Experience in in designing and implementing VNet/VLAN ports protocols and services settings to restrict communications across Cloudnative virtual networking boundaries

• Experienced in basic Linux and Windows administration