The Leidos Civil IT Cyber Services Group is seeking a Zero Trust Network Engineer to support our U.S. Mint Cybersecurity Support Services contract. The Zero Trust Network Engineer will be abreast of the CISA Zero Trust (ZT) requirements to guide the government agency on the best practice deployment as well as support configuration of zero trust tools in their environment. This role requires a cybersecurity engineer that strives to keep abreast of the latest regulatory guidance and best practices within federal cybersecurity services. The candidate will have superior attention to detail and excellent organizational skills, as well as the ability to meet deadlines and work in a highly collaborative work environment. You will possess the ability to complete complex tasks and projects, conduct research as needed, react with appropriate urgency to situations that require a quick turnaround, and take effective action without having to know the total picture.
- Analyze the client’s current network architecture in conjunction with ZT assessment findings to recommend future-state network architecture design for the government agency
- Perform research and lead proof of concept efforts to determine where additional technologies may be necessary to achieve the desired level of zero trust
- Analyze and develop requirements, use cases, and technical documentation to support the zero trust transformation for the agency deployment
- Interface with the client and work with a team of 3-5 practitioners in conducting assessments and executing follow on actions
- Identify system security requirements for external and internal facing web applications, networks, operating systems, and cloud environments
- Ensure the secure design, architecture, installation, configuration, hardening, and remediation for software applications to protect the bureau’s sensitive information
- Review, analyze and design zero trust products and security configurations
- Perform deployment and configuration of zero trust broker tools with other security tools, including identity management, Security Information and Event Management (SIEM), and EDR tools and or access to the internet and private applications
- Develop ongoing operations and maintenance plan for the zero trust tools, including providing patching and end-user support with engineering team to provide ongoing maintenance
- Collaborate with SIEM engineers to ensure logs are onboarding and maintained in the SIEM tool
- Provide support for ongoing SIEM tuning and use case development
- Provide ongoing advisory support to bureau leadership on responses to new network requirements and regulatory mandates (such as executive orders, emergency directives, binding operational directives, and data calls from governance and oversight bodies)
- Design, integrate and configure cyber security and network monitoring tools
- Develop strategies to respond to and recover from a security breach
- Advocate for technology insertion, that improves current inefficiencies
- Support clients with data protection and overarching cloud capabilities
- Implement core and cloud infrastructure security to manage risks and exposure
- Perform cyber reconnaissance to illuminate a potential attack surface area
- Provide threat and vulnerability management to federal clients and teams
- Analyze tactical network architectures and topologies to assess security risks
- Bachelor's degree and 10+ years of cybersecurity engineering experience
- Must be able to obtain and maintain a Public Trust Clearance
- US Citizenship Preferred and US Person Required
- Hands on experience with common enterprise-wide network security and (SIEM) technologies or tools such as ZScaler, CrowdStrike, Forescout, Palo Alto Networks, Cisco, Juniper, Microsoft and Splunk
- Experience with enterprise cloud systems and solutions across aero trust pillars
- Knowledge of ZT based Identity, Credential, and Access Management (ICAM) solutions
- Understanding of modern network infrastructure capabilities (i.e., Secure Access Service Edge (SASE), Software-Defined Wide Area Networks (SD-WAN), Software-Defined Perimeter (SDP), Software-Defined Networks (SDN), etc.)
- Experience working with/in SOCs and/or NOSCs
- Experience with cyber threat indicators and prioritizing cyber threats
- Familiarity with federal government environments, standards, and architectures
- Experience in U.S. security requirements related to regulations or standards, including NIST SP 800-171, 800-53, RMF, ISO 27001, Trusted Internet Connection (TIC) 3.0, and SOX
- Working knowledge of zero trust principles, frameworks, and implementation strategies
- Forrester Zero Trust Strategy certification
- Hybrid Primarily Remote/Occasional Onsite DC Client Site
Pay Range:Pay Range $97,500.00 - $150,000.00 - $202,500.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 44,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.