Leidos is a Fortune 500™ company aimed at embracing and solving some of the world’s most pressing challenges. Through science and technology, Leidos makes the world safer, healthier and more efficient.
Our Civil Group offers an array of exciting career opportunities for the best IT, energy, logistics and engineering professionals.
Leidos is seeking an Information Assurance Security Engineer and Team Lead that will report directly to the Information Assurance Program Manager.
The Information Assurance Security Engineer and Team Lead is a hands-on senior member of the Leidos - Antarctic Support Contract (ASC) Information Security (InfoSec) team responsible for leading the application of cybersecurity principles and best practices to proactively protect and maintain the confidentiality, integrity, and availability of United States Antarctic Program (USAP) data, information systems, and enterprise network. Personnel in this position must have an elevated level of trust, with access to sensitive and private information, which must be handled with integrity and respect in accordance with USAP policies and procedures.
The successful candidate should possess both leadership skills and a deep technical background in securing and monitoring Windows and Linux operating systems and applications, Cisco network devices, Palo Alto firewalls, and Fortinet NAC. The candidate must be familiar with managing continuous security monitoring activities, including in-depth vulnerability scans, risk analysis and remediation planning.
Essential Responsibilities Include:
- Responsible for coordinating with the Information Assurance Program Manager to identify and prioritize Security Engineering team tasking, facilitating team meetings, and managing on-call schedules and playbooks.
- Provides mentoring and training for junior staff members.
- Leads continuous security monitoring of IT infrastructure and applications, and responds to and tracks down alerts and alarm conditions.
- Reviews change control tickets and provides input and approval from an information security perspective.
- Leads incident response activities and develops incident response playbook and process improvements.
- Performs security and risk review of proposed software solutions.
- Collaborates with Data System, Network, and Applications teams to improve overall cybersecurity and achieve operational metrics.
- Acts as technical consultant for IT operations, Security Compliance teams and other departments.
- Utilizes technical skills to provide technical input, review, and feedback on secure system design for projects and other initiatives.
- Drives process improvements in vulnerability scanning, standard security configurations and the overall continuous monitoring landscape.
- Researches vulnerabilities and threats, assesses and documents risks, and provides recommendations for remediation or mitigation.
- Other security-related duties as assigned.
- Bachelor’s degree in Information Technology or Cybersecurity; equivalent combination of education, experience and certifications will be considered in lieu of a degree.
- 8+ years of combined information technology and information security experience.
- Current security certification(s) (e.g., CISSP (preferred), CISM, CEH) and IT certification(s) (e.g., MCSE, RHCE, CCNA, CCNP).
- Ability to obtain a Public Trust security clearance.
- Proficient in applying secure design, implementation, and continuous monitoring to an enterprise IT Infrastructure (network devices, systems, applications, services, virtual environments, LAN/WAN topologies, and protocols).
- Strong knowledge in managing Continuous Security Monitoring (CSM) tools, including Security Incident and Event Management (SIEM) systems.
- Experience administering vulnerability scanning and determining remediation plans for network, systems, and applications.
- Experience developing, implementing and validating secure baseline configurations and policies via Security Technical Implementation Guides (STIGs).
- Knowledgeable in performing packet level analysis of network traffic using protocol analyzers.
- Proficient in administering network and endpoint antimalware tools.
- Ability to perform firewall rule analysis and recommendations for rule creation.
- Familiar with email messaging and connection security, including anti-spam, anti-phishing, and anti-malware tools.
- Ability to deploy and manage Public Key Infrastructure (PKI) and PIV card security.
- Expert level knowledge in security incident response processes (Prepare, Detect, Analyze, Contain, Eradicate, and Recover) including forensics analysis and tools.
- Experience in the design and implementation of Trusted Internet Connections (TIC), Cloud Access Security Broker (CASB) and securing cloud services (Azure, AWS, etc).
- Ability to leverage project management methodologies (e.g., Traditional, Agile, Scrum, Kanban, etc.) in performance of duties and managing team activities.
- Knowledge and practical application of FISMA compliance, and NIST risk management framework, tools, technologies, and methods (e.g., NIST SP 800-30, 800-37, 900-39, 800-53, etc.).
Driven by our talented workforce, the Integrated Missions Operation builds trust through an array of energy-related IT, environmental science and engineering solutions to meet our customers’ needs.
Key Programs and/or Capabilities:
- Antarctic Support Contract (ASC)
- Large Infrastructure
- Mission Support
- Digital Modernization
- Command & Control
- Mission Applications
- Energy and Environment
- Engineering Services
Leidos is growing! Connect with us on LinkedIn and Facebook.
We value and support the well-being and mobility of our employees with competitive benefit packages, complementary e-learning training, work-life flexibility, an exciting External Referral Program, and a diverse, inclusive and ethical work place. In fact, in 2020, Leidos was ranked as one of the “World's Most Ethical Companies” by the Ethisphere Institute for the third consecutive year.
External Referral Bonus:
Potential for Telework:
Clearance Level Required:
Yes, 25% of the time
Scheduled Weekly Hours:
Pay Range $91,000.00 - $140,000.00 - $189,000.00
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 38,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020. For more information, visit www.Leidos.com.
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [Click Here to Email Your Resumé].
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.