Senior Information Systems Security Engineer

Leidos is seeking an Information Systems Security Engineer (ISSE) for a technical development program supporting a cloud-based application, and its associated cloud infrastructure located on a secure network.  The ISSE will work with a large team of developers, software engineers, database administrators, and system architects.

The ISSE will be required to carry a duty phone on a rotational basis, and may need to come in to address issues that arise.

Primary Responsibilities

• Identifying, selecting, implementing and assessing NIST SP 800-53 security and privacy controls.

• Developing, establishing and integrating secure configuration baselines per DISA STIGs and CIS benchmark guidelines.

• Participate in creating secure architectures and designs.

• Ensuring security requirements are integrated into the System/Software Development life cycle (SDLC).

• Performing Continuous Monitoring (ConMon) activities to support Assessment and Authorization (A&A) requirements.

• Reviewing, creating and maintaining relevant Assessment and Authorization (A&A) artifacts.

• Performing security analysis and monitoring of a 100 percent AWS, cloud-based system

• Performing vulnerability scanning and analysis of the system

• Perform remediation and develop security implementations based on security findings

• Interface with Information System Security Managers (ISSM) to develop and accredit the system

• Participate in or lead technical exchange meetings, document meeting outcomes as needed, and brief management

Required Qualifications

• Active TS/SCI with Polygraph

• Typically requires a Bachelor of Science (BS) degree and 12+ years of relevant experience. Additional experience in lieu of degree.

• Hands on experience with Linux (CLI)

• Hands on experience with scripting and programming languages like BASH and Python

• Solid understanding of, experience with networking (e.g., ports, routing tables, subnets, VPNs, firewalls, routers, etc.) to include design, integration and troubleshooting issues

• Experience in working on teams utilizing Agile workflows and processes

• Strong understanding of NIST SP 800-37, NIST SP 800-53, NIST SP 800-160, DISA/CIS STIGs, and Common Vulnerabilities and Exposures (CVEs)

• Experience with RMF workflow tools

Desired Qualifications

• Relevant IT certifications (e.g., CISSP, AWS Cloud Practitioner, AWS Cloud Security)

• Experience working with Infrastructure as Code (IaC) solutions such as Ansible / Terraform, or other configuration and automation tools

• Experience in working in a cloud-based environment (AWS)

• Strong communication and organizational skills.

Original Posting Date:

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.