C2 Network Security Operations Center - Cyber Security Engineer / Information Systems Security Engineer (ISSE)

The Multi-Domain Solutions Division at Leidos currently has openings for a Cyber Security Engineer / Information Systems Security Engineer (ISSE). Our team supports the Advanced Battle Management Systems (ABMS) Digital Infrastructure (DI) Network Manager program. In this mission we support the Department of the Air Force (DAF) to field and operate the ABMS Digital Infrastructure which is foundational in creating a unified command-and-control infrastructure connecting/ integrating sensors data streams and weapon systems across all domains (air land sea cyber and space). This will ultimately allow U.S. forces from all services as well as allies and partners to sense make sense and act upon a vast array of data and information faster than adversaries can detect and respond to. This role requires a deep understanding of risk management security frameworks and technical expertise in system security hardening vulnerability assessments and compliance. The ideal candidate will have experience working with accreditation staff and utilizing security tools to ensure systems meet established security requirements.

Responsibilities include:

• The ISSE will be part of a team that supports mission critical applications with both obtaining and maintaining Authorization to Operate (ATO) in accordance with the customers security policies.

• Collaborate on design efforts provide security engineering and lead the engineering of RMF artifacts of a large-scale enterprise Information Technology (IT) program.

• Interact with technical leads developers and system owners to ensure that Authorization to Operate (ATO) security packages properly adhere to RMF and DoD security guidelines.

• Provide ISSE expertise for all assigned engineering tasks and projects.

• Provide guidance describing the system and its functions information types operating environments and security requirements.

• Provide security artifacts and evidence for system security control questions.

• Review the adequacy of the security controls and their ability to protect the information system and its information; assist in tailoring security controls as appropriate.

• Assist in determining the assurance measures that can be used to meet assurance requirements.

• Work collaboratively with Systems Network and other engineers throughout the service design lifecycle to design and implement security controls and best practices such as Zero Trust Architecture including engineering of assigned RMF documentation.

• Conduct Assessment and Accreditation (A&A) activities following security processes and coordinating with the Designated Authorizing Official (DAO) representatives and appropriate security teams.

• Create and update assigned RMF documentation and artifacts for each service as required in EMASS.

• Review system security audit logs and take corrective action as needed.

• Perform security monitoring and evaluation tasks including security audits system control assessments and creating security alerts using the provided tool suite

• Conduct technical briefings and Technical Exchange Meetings (TEMs) to communicate security-related information to non-technical stakeholders.

• Develop security assessment criteria to ensure development teams comply with A&A requirements.

• Ensure compliance with encryption standards and secure system communications.

• Possess a strong industry knowledge of the latest security trends technology etc. and demonstrate forward thinking around how this technology can support the operational needs of the client and the future technical strategy of the organization.

• Mentor and guide fellow team members assisting with project execution and promoting skill development.

• Travel Requirements: As required.

Required Qualifications and Skills:

• Must have a DoD TS/SCI Clearance.

• Must have a current security certification in accordance with DoD 8140 and be able to get an appropriate computing environment certification within 6 months. DoD 8570 IAT/IAM level III equivalent.

• 10 years of experience in software engineering program design and implementation configuration management maintenance integration testing or information system engineering.

• 5 years of experience in system security analysis and implementation; secure system engineering or design; and work in protocol and/or interface standards

• Experience with the Assessment & Authorization (A&A) process for multiple security applications.

• Experience preparing system security plans risk assessments security standard operating procedures (SOPs) and contingency plans.

• Demonstrate experience with creating and validating evidence for RMF security controls.

• Experience performing security hardening for Windows and Linux systems including ports protocols security groups and patching.

• Possess a general knowledge of Red Hat Enterprise Linux 9 and Windows Server 2019/2022.

• Able to work in an Agile environment using project sprints and Jira Boards.

• Apply agile methodologies in security engineering workflows.

• Utilize enterprise security scanning tools including Tenable Burp Suite Defender for Endpoint ACAS ESS and Tanium for vulnerability and risk analysis.

Preferred Qualifications

• Security Onion experience.

• Familiar with back-security analysis tools such as Suricata Yara Sigma Elasticsearch Logstash Kibana Elastic Fleet PCAP OSquery and Zeke.

• Splunk Elasticsearch SIEM and SOAR experience.

Original Posting:

For U.S. Positions: While subject to change based on business needs Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.