Apply on Employer Site

Leidos · 1 day ago

Information System Security Engineer

Orlando, FL

Full-time

Onsite

Senior Level, Lead/Staff

$108K/yr - $195K/yr

8+ years exp

Leidos is a company dedicated to delivering innovative solutions through a diverse and talented workforce. They are seeking an Information System Security Engineer to support cyber-related operations, ensuring security requirements are integrated into IT systems and performing vulnerability assessments to enhance cybersecurity compliance.

ComputerGovernmentInformation ServicesInformation TechnologyNational SecuritySoftware

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Under the direction and guidance of the ISSM, capture and refine information security requirements and ensure their integration into information technology components and information systems through purposeful security design and configuration

Perform vulnerability assessments to determine weaknesses and exploit methods in systems/networks utilizing approved COTS and GOTS tools, in conjunction with security testing methodologies and frameworks to assess threats against information and system/networks and recommend appropriate countermeasures for continued mission assurance

Perform cybersecurity analysis, identification, and remediation of complex cybersecurity compliance requirements on IT systems and applications to include: Microsoft Windows and RHEL family of servers, workstations operating systems. RDBMS such as SQL and PostgreSQL, XML, and JSON-based semi-structured technologies. Web-Server and web application technologies (e.g., MS IIS, Apache/Tomcat, SharePoint). Virtualization technologies such as VMware and VDI infrastructures. Network infrastructure components such as switches, firewalls, vSANs, and thin client hardware

Provide remediation recommendations and mitigating strategies for vulnerabilities discovered and maintain in-depth knowledge of STIG/SRGs, technologies such as Tenable Nessus, SCAP compliance tools like EvaluateSTIG and other automated tools that assist with the assessment of security controls and the presentation of security assessment results

In coordination with change management processes, remediate, apply, and/or mitigate vulnerabilities to systems and system components through the application of security updates, patches, fixes, and/or secure configurations

Support the creation, development, and documentation of cybersecurity processes and procedures supporting Authorization to Operate (ATO) packages and, as needed, to mature the program’s cybersecurity posture

Experience with eMASS to manage ATO package

Prepare and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports, and Plans of Action and Milestones (POA&Ms)

Install, configure and manage Trellix products

Create, tune, and enforce security policies through the ePO console to meet company security standards and compliance requirements

Troubleshoot Splunk issues between server and forwarder, create custom dashboards and implement best practices

Administer, configure, and maintain the Tenable Security Center

Review ACAS results and remediate appropriately

Qualification

DoD Risk Management FrameworkCybersecurity complianceVulnerability assessmentsSecurity engineering practicesTrellix productsSplunkSCAP compliance toolsSystem Security PlansSoft skillsProject Management

Required

Active DoD Secret Security Clearance

Bachelor's degree in a related field and (8) eight or more years of related actual work experience; additional work experience may be considered in lieu of a degree. (Unpaid experience will not be considered.)

Compliant with DoD 8140 requirements

DoD Risk Management Framework (RMF), especially in supporting Step 6

System/software design, enterprise architecture security, integration, testing, system administration, application administration, training, deployment, and O&M

Design, develop, and use host-based and network-based scanning tools

Security Content Automated Protocol (SCAP) based tools and specifications

Install, configure, test, deploy, and O&M of Enterprise-wide network-based cybersecurity tools (e.g., Trellix ESS, ACAS, Splunk, etc.) to support compliance testing and continuous monitoring

Supporting security engineering practices in the System/Software Development Life Cycle (SDLC) Process; General knowledge of the DoD and secure Information/LAN/WAN technologies

Hardening modern operating systems (OS) (i.e., RHEL, Microsoft Windows) and applications using Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs), and/or industry best practices and documenting results on requisite checklists

Compiling and providing metrics to program management as needed

Presenting technical information to non-technical stakeholders