Apply on Employer Site

Leidos · 2 hours ago

Security Engineer

Lorton, VA

Full-time

Onsite

Senior Level, Lead/Staff

$108K/yr - $195K/yr

8+ years exp

Leidos is an industry and technology leader serving government and commercial customers, and they are seeking a Security Engineer to support the Department of Homeland Security's cybersecurity mission. The role involves securing enterprise Linux servers, managing Tenable vulnerability scanning, and ensuring compliance across various environments.

ComputerGovernmentInformation ServicesInformation TechnologyNational SecuritySoftware

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Administer and harden Linux servers (e.g., RHEL, Rocky, Ubuntu) including OS configuration, patching, and security baseline enforcement

Install, configure, and maintain Tenable platforms (Tenable.sc, Nessus, Nessus Agents, connectors) to support continuous vulnerability scanning

Develop and maintain scanning policies, schedules, and dashboards to provide accurate visibility into security posture

Analyze Tenable scan results; validate true positives vs false positives and work with system and application owners to drive timely remediation

Map vulnerabilities and configuration findings to relevant compliance requirements (e.g., NIST 800-53, DISA STIGs, CIS benchmarks, organizational policies)

Support the creation and maintenance of secure configuration baselines and hardening guides for Linux servers and related middleware

Generate compliance and vulnerability reports for leadership, auditors, and governance teams; track remediation progress and aging

Collaborate with infrastructure, DevOps, and application teams to integrate security and compliance into change management, patch cycles, and deployment pipelines

Participate in security incident response activities related to Linux hosts, including log review, containment, and forensic support

Contribute to SOPs, playbooks, and runbooks for vulnerability management, patching, and compliance monitoring

Maintain all Body of Evidence (BOE) documentation for which they are the prime author for the duration of the contract. The Contractor shall update the documentation to correspond with product updates released in response to software updates and patches. The Contractor shall document all changes to the security posture of the system and provide those documents to the government for review and approval

Qualification

Linux administrationTenable vulnerability managementCompliance frameworksShell scriptingSecurity incident responseDocumentation skillsCollaboration skillsCommunication skills

Required

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field and 8+ years experience; or additional equivalent experience may be considered in lieu of a degree

5–8+ years of hands-on experience administering and securing Linux systems in an enterprise environment

Active TS/CI government security clearance

Direct experience with Tenable.sc and/or Nessus for vulnerability management (configuration, policy creation, agent management, reporting)

Solid understanding of vulnerability management lifecycle: discovery, assessment, prioritization, remediation, and verification

Experience implementing or supporting security/compliance frameworks such as NIST 800-53, DISA STIGs, CIS benchmarks, or similar

Strong skills in Linux CLI, shell scripting, and basic automation (e.g., Bash, Python, Ansible) to support configuration and remediation

Familiarity with log management and SIEM solutions and how they integrate with Linux hosts

Ability to interpret technical vulnerabilities (CVEs, CVSS) and clearly communicate risk and remediation options to technical and non-technical stakeholders

Excellent documentation skills, including the ability to produce clear procedures, diagrams, and reports