The National Security Sector of Leidos has a dynamic job opening for a Security Engineer (IASE/ISSE) to work at our customer site in Suitland, MD. All work will be performed onsite at the National Maritime Intelligence Center.
In this role, you will be recognized as the subject matter expert and will have a thorough understanding of advanced technical principles, theories, and concepts in Security Engineering to include operations, engineering, technical and program management support services and associated supplies to support the cyber related requirements and operations. You will be relied upon to influence development of solutions that impact mission goals and objectives and will be expected to work independently and resolve highly complex problems using significant application of technical knowledge, conceptualizing, reasoning and interpretation of facts and requirements.
This is a great opportunity to be part of the Cybersecurity Engineering team responsible for providing in-depth Information Systems Security Engineering (ISSE) Support to the ONI Enterprise and the mission of Assessment and Authorization for the Navy Intelligence Delegated Authorizing Official. The Security Engineering Division identifies and matures information system security requirements and ensures those requirements are effectively integrated into information technology components and information systems through purposeful security architecting, design, development, and configuration. Cybersecurity Engineering Division is also the engineering and system administration lead for new cybersecurity tools entering the enterprise.
Primary Responsibilities:
- Capture and refine information security requirements and ensure their integration into information technology components and information systems through purposeful security design and configuration.
- Perform vulnerability assessments, ethical hacking, and penetration testing to determine weaknesses and exploit methods in systems/networks utilizing COTS tools like Kali Linux, GOTS tools, and approved open-source scanning tools as well as security testing methodologies and frameworks to determine threats against information and system/networks and recommend appropriate countermeasures for continued mission assurance.
- Perform cybersecurity analysis and threat vector identification of complex IT requirements and IT systems to include:
- Critical infrastructure systems and Industrial Control Systems that employ SCADA technologies.
- Cloud Platforms (e.g., Amazon Web Services/Azure), cloud applications based on Linux, Apache, MySQL, PHP/Perl/Python (LAMP) framework, SCCA.
- Windows, RHEL, Oracle, and Apple family of servers, apps, & workstations.
- Mobile technologies such as tablets, smart phones, laptops, Bluetooth devices, etc.
- Cross Domain Solution (CDS) Systems interconnecting multiple classification enclaves.
- RDBMS such as Oracle and PostgreSQL, NoSQL databases (e.g., MongoDB), XML and JSON based semi-structured technologies.
- Web-Server and web application technologies (e.g., MS IIS, Apache/Tomcat)
- Container and virtualization technologies such as Docker, VMware, RedHat Virtualization (i.e., KVM), and RedHat OpenShift Container Platform.
- (IdAM) solutions, Multi-Factor Authentication (MFA) and Public Key Enablement systems.
- Provide remediation recommendations and mitigating strategies for vulnerabilities discovered and maintain in-depth knowledge of DISA Security Technical Implementation Guidance, technologies such as Tenable Nessus, STIG Viewer, Security Requirements Guides, Security Content Checker, STIG benchmarks, open-source tools such as Vulnerator, and other automated tools that assist with the assessment of security controls and the presentation of security assessment results.
- Support the development, documentation and delivery of training and training materials on all cyber tools, software, processes and policies.
Basic Qualifications:
- Bachelor’s degree in a related field and 12+ years of related work experience or a Master’s degree with 10+ years of related work experience. Additional experience, trainings, or certificates may be considered in lieu of a degree.
- Must possess an IAT or IAM Level III DoD Approved 8570 Baseline Certification in accordance with DOD 8570.01-M or be able to obtain one within 30 days of offer acceptance.
- Active DoD Top Secret/SCI security clearance.
- 5+ years of software development experience in Java, C, C++, or other programming or scripting languages.
- Up to 10% travel may be required with the National Capital Region.
Experience in:
- DIACAP/DoD RMF, DCID 6/3, ICD-503, and/or RMF.
- System/software design, enterprise architecture security, integration, testing, system administration, application administration, training, deployment, and O&M.
- Designing, developing and using host based and network-based scanning tools.
- Security Content Automated Protocol (SCAP) based tools and specifications.
- Installation, configuration, testing, deployment, and O&M of Enterprise-wide network-based scanning tools (e.g., HBSS, ACAS, etc.) in support of compliance testing and continuous monitoring.
- Implementing security engineering practices in the System/Software Development Life Cycle (SDLC) Process; General knowledge of the DoD, IC, and national level system security initiatives and secure Information/LAN/WAN technologies.
- System/software design, enterprise architecture security, integration, testing, system administration, application administration, training, deployment, and O&M.
Proficiency in:
- IC, DoD, DISA, NAVINTEL IA, Fleet Cyber Command (FLTCYBERCOM), and DoDIIS processes, tools, systems, reporting mechanisms and requirements for Assessment and Authorization.
- Hardening modern operating systems (OS) Unix (e.g., Oracle Solaris 10/11, RHEL) and MS Windows using Security Technical Implementation Guides (STIG).
- Securing systems/software IAW IC, DoD, and industry best practices; development of security controls, testing methodologies, and test procedures for systems, cloud-based architectures, and Cross Domain Solutions (CDS).
Preferred Qualifications:
- Project Management experience.
- CISSP-ISSEP or CASP certification.
NITESONI
EIO2024
Original Posting Date:
2024-11-26
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $122,200.00 - $220,900.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.