Security Engineer

LeidosAirports Borders and Securityis seeking a highly motivatedCybersecurity Engineer to supportTSA on anationwideprogram.The successful candidate will join an existingteam supportingcloud-based infrastructure and devices deployed throughout the US and US Territories.The team is highly integrated and the successful candidate will be expected to learn the existing architecture and provide support both during normal hours after hour patching and on call as needed.The individual will be expected to be able to work with minimal supervision and be self-directed in the areas of theirresponsibility.

In addition to responsibilities on program thiscandidate will providetheirspecialized knowledge to help push forward Transportation Security Administration (TSA) Modernization efforts. This role serves as a bridge between Leidos innovative solutions and TSAs specific mission to protect the nations transportation systems and ensure freedom of movement for people and commerce. As part of the team the Security Engineer will design and implement network monitoring and identity management solutions conduct threat modeling and ensure compliance with security standards. The ideal candidate brings experience with security accreditation vulnerability assessment and hands-on technical implementation.

Primary Responsibilities:

• Administer and harden Cloud based environment.

• Administer and harden servers and workstations (e.g. RHEL Windows) including OS configuration patching and security baseline enforcement.

• Administer and harden network appliances (e.g.VPN SWG NGFW) including configuration patching and security baseline enforcement.

• Generate compliance and vulnerability reports for leadership auditors and governanceteams;track remediation progress and aging.

• Interpret technical vulnerabilities (CVEs CVSS) and clearly communicate risk and remediation options to technical and non-technical stakeholders.

• Design implement andmaintainsecure system architecturesin accordance withorganizational policies and industry best practices.

• Provide support for Active Directory and networking issues.

• Provide user support and training managing system access permissions and issue resolution.

• Manage account creation modification and termination in compliance with security protocols.

• Implement/configure IT equipment per DISA STIGs and resolve compliance issues

• Run vulnerabilityand compliancescans and remediate findings

• Design and implement network monitoring and maintenance solutions

• Implementcentralized account management forTSS Common Workstation (CW) users

• Create threat models forLeidos airportofferings andsolutions

• Document and deliveranydocumentation that may beto obtain Authorization to Operate (ATO)e.g. System Security Plan (SSP)Security Assessment Report (SAR)Contingency PlanNetworkPorts Protocols and Services Management (PPSM)

• Resolve track andbring to closurePlan of Actions & Milestones(POA&M)

Basic Qualifications:

• Must be a US Citizen

• Must be able toattaina suitability determination from TSA

• Demonstrated ability to work independently with minimalsupervision

• Excellent problem-solving skills.

• Proficiencywith common Agile practices service-oriented environments and better developmentpractices

• Experience with networking ports and protocols architecture of networked systems functionality of various operating systems cloud computingenvironmentsand common security tools.

• Experience in working collaboratively within a remote environment.

• Strong consulting leading and mentoring skills along with the ability to effectively communicate and collaborate with stakeholders at all levels.

• Broad knowledge of and experience with a wide variety of application technologies platforms and tools including security and infrastructure configuration and monitoring.

• Excellent written verbal and presentation communication skills.

• Demonstrated experience applying efficient task management and ability to adjust to changing requirements

• Excellent analytical and technical skills.

• Bachelors Degree inComputer Science Engineering or a similarfieldor 10 years relevant experience and associated certifications

• CISSP or Security certification

• Experience working with government agency to obtain ATOfornew IT services

• Experienceenforcing DISA STIGsecurity policies in Windows and Linux environments

• Familiarity with NIST Risk Management Framework (RMF)

• Familiarity with DISA STIGs and vulnerability scanning tools (e.g. Nessus Nipper)

Preferred Qualifications:

• Experienceimplementing Endpoint Management Solutions(e.g.TrellixEndpointSecurityePolicyOrchestrator)

• Experience with network monitoring solutions(e.g. PRTG)

• Experience with centralized Security Information and Event Management (SIEM) solutions(e.g. Splunk)

• Experience accrediting systems and obtaining ATO from TSA

• Familiarity with threat modeling tools (e.g. OWASP Threat DragonMicrosoft Threat Modeling Tool)

• AWS Certification

• Familiarity with Red Hat Open Shift

If youre looking for comfort keep scrolling. At Leidos we outthink outbuild and outpace the status quo because the mission demands it. Were not hiring followers. Were recruiting the ones who disrupt provoke and refuse to fail. Step 10 is ancient history. Were already at step 30 and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.