Cybersecurity Operations Engineer

Description

Job Description:

The primary mission of the United States Mint (Bureau under United States Department of Treasury) is to serve the American people by manufacturing and distributing circulating, precious metal and collectible coins and national medals, and providing security over assets entrusted to us. 

The Leidos USMINT SOC Program has a current need for a Cybersecurity Operations Engineer. The engineer will be responsible for discovering cybersecurity risks, vulnerabilities, prioritizing assets, and utilizing remediation/mitigation techniques. This role will serve as one of the focal points to support the bureau’s efforts to reduce vulnerabilities, drive and track remediation and mitigation, and foster an environment of risk management to prioritize and tackle threats to business problems. 

Primary Responsibilities:

• Have firewall and network engineering experience with designing, implementation, and/or maintaining Next Generation Firewall (NGFW) devices such as Palo Alto and Cisco.
• Network Terminal Access Point (TAP) experience (Gigamon, IXIA)
• Linux experience and/or system administration
• Splunk and SIEM experience
• Trusted Internet Connection (TIC) experience
• Working knowledge of network features and protocols with strong understanding of routing protocols (EIGRP/OSPF), and BGP.
• System/Network Monitoring experience
• Experience with Information Assurance (IA) hardening and compliance (STIG, CIS, documentation, etc.)
• Familiarity with task automation
• Must be able to work collaboratively with other system administrators, system engineers, and network engineers in a team environment
• Incident response support including security monitoring, network and endpoint visibility, and threat management.
• Support troubleshooting Local Area Network (LAN)/Wide Area Network (WAN) and other network related problems.
• Provide direct support to a Security Operation Center environment
• Participate in Proof-of-Concept efforts ranging from initial client exploratory meetings, gathering requirements, and structuring solutions.  
• Validate remedial actions and ensure compliance with information security policy and regulatory requirements 
• Use automated tools (e.g. Nessus) to pinpoint vulnerabilities and reduce time-consuming tasks 
• Use manual testing techniques and methods to gain a better understanding of the environment and reduce false negatives Develop, test and modify custom scripts and applications for vulnerability testing 
• Perform ad-hoc data manipulations, clean-ups, and reporting using large complex data sets for rapid security responses.  
• Develop reports using data that is hosted in multiple sources/tools (e.g. spreadsheets, databases) and communicate clearly to leadership and other cyber teams 
• Develop risk-based mitigation strategies for our client's networks, operating systems, and applications 
• Review and define requirements for information security solutions and document security breaches and the extent of the damage caused by the breaches through extensive reports 

Basic Qualifications: 

• Ability to continuously research emerging threats to the environment to disseminate the information to all stakeholders, immediately assess the known environment for presence of the vulnerability, and work with the enterprise networking teams to proactively block exploitation within the environment. 
• Knowledge of the CISA Zero Trust model for security
• At least 3 years of experience querying, analyzing and working with vulnerability data  
• Experience working with vulnerability scanning, reporting, and Network tools (Nessus, SecurityCenter, Qualys, NMAP) 
• Familiarity of Threat Classification and CVE 
• Firm understanding of network security controls and network and infrastructure 
• Network Devices and Routing 
• Cloud Services or Migration to Cloud experience
• Knowledge in system security architecture and security solutions 
• Knowledge in networking, phishing, and endpoint security 
• Proven analytical and problem-solving skills 
• Self-motivated to improve knowledge and skills 
• Works well both in a team environment and independently 
• CISSP or higher industry acknowledge security certification
• Red Hat certification (Certified System Administrator (RHCSA) or higher) or Network Certifications, Cisco (CCNA or higher) preferred

Education & Experience:

• Requires Technical BS degree with 4+ years of prior relevant work experience within Cybersecurity.

Clearance:

• Ability to obtain Public Trust clearance 

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

#Remote

About Leidos

Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 45,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $14.4 billion for the fiscal year ended December 30, 2022.  For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.