Leidos is seeking a Sr. Cyber Security Engineer who is responsible for protecting the customer’s information systems and networks from potential cyber-attacks. The Cyber Security Engineer must display an excellent understanding of technology and the utilization of Firewalls (Security Groups), VPNs, Data Loss Prevention (DLP), IDS/IPS, Web-Proxy and Security Audits. Candidates will work directly with team leads, developers and operations personnel throughout a DevSecOps life cycle, both on policy and on the technical implementation of technologies.
- Plan, implement, manage, monitor, and upgrade security measures for the protection of information systems and networks
- Design, configure, implement, and maintain all security platforms and their associated software, such as firewalls (Security Groups), intrusion detection/intrusion prevention, anti-virus/malware (HBSS), cryptography systems (Vormetric), SIEM (Splunk), and MDM
- Conduct ongoing assessment of firewall, SIEM, SSL, application control, antivirus, and other network component policies
- Investigate and respond to cyber security incidents (system and/or network breaches, malware attacks) and implement forensic investigations
- Formulate systems and methodologies as well as respond to security related events and assist in remediation efforts
- Participate in the change management process
- Test and identify network and system vulnerabilities
- Manage and review security logs and audit data, and take required actions
- Ensure network security best practices are implemented through auditing: router, switch, firewall configurations, change control, and monitoring
- Provide periodic vulnerability testing and lead remediation projects
- Coordinate and monitor log analysis for our managed services offerings to ensure customer policy and security requirements are met
- Configure and troubleshoot security infrastructure devices and software
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks in a consultative role
- Experience with incident detection, incident response and forensics activities
- Experience with implementing and managing Network and Application Firewalls, SIEM (e.g., Splunk), end-point security (IDS/IPS and HBSS)
- Knowledge of networking protocols, such as TCP/IP, LAN/WAN concepts
- Experience with automation (e.g., Ansible, CloudFormation)
- Strong attention to detail, an analytical mind and outstanding problem-solving skills
- Awareness of cybersecurity trends and hacking techniques.
- Active TS SCI with polygraph.
EDUCATION & EXPERIENCE: Requires BS degree and 12+ years of prior relevant experience in order to operate within the scope contemplated by the level. Will consider work experience in lieu of a degree.
- Experience with various security tools and processes such as Splunk, HBSS, IDS/IPS, VPN, Rapid7, WebInspect, AppDetective
- Experience with scripting languages (Python, PowerShell)
- Experience with Cloud Computing Technologies/Amazon Web Services (AWS)
- Experience with Agile Software Development
- AWS Certification
- Experience maintaining virtual private networks, firewalls, web protocols
- Experience with SAFe Agile Framework
- Knowledge of potential attack vectors such as XSS, injection, hijacking and social engineering.
- Experience with health monitoring tools (Nagios, SolarWinds)