The Defense & Intelligence Group of Leidos has an opening for a Cyber Security Engineer at Ft. Bragg, NC.
Cyber Security Engineer part of the Leidos team which provides IT repair, maintenance, operations, logistics, and engineering services to ensure secure, reliable, and uninterrupted availability of Army Military Intelligence Enterprise IT Systems.
The Senior-level Cyber Security Engineer will work directly with HQDA G2 and DIA Certifiers to obtain and maintain the JMICS Type Accreditation or "Type ATO". The Cyber Security Engineer will work directly with JMICS Senior Systems Engineers and System Administrators to ensure any changes to the JMICS systems are done in accordance to ICD-503 and NIST 800-53v4 standards.
The successful candidate will monitor programs for unauthorized vulnerabilities and work with the JMICS Senior System engineer to close them. Will also work with JMICS Government PM and JMICS Senior Systems Engineer to create and maintain all JMICS ATO Documentation and system security documentation.
- Work with cyber team consisting of ISSO and cyber technician to create and ensure the JMICS programs Information Assurance documentation, polices, and procedures are properly aligned to the standards set forth by DIA, DISA, DoD and Army Policy. Verify that said documentation is updated as required as Policy changes.
- Conduct routine risk assessments of the JMICS Program and each of the systems assigned to the program. Risk assessments include full system scans using security compliance Checker and Nessus, comparing system security settings to the applicable STIG's as they are updated by DISA.
- Work with JMICS Senior System Engineer and System Architect to create, maintain, and deploy JMICS Secure Baseline.
- Conduct site visits completing site level certification tests, site surveys, and risk analysis.
- Ensure the JMICS Secure Baseline is properly maintained and secured as required by DIA, DISA, DoD, and Army policy. Verify said baselines are adjusted, adapted, and upgraded to ensure that all unauthorized vulnerabilities found during the risk assessments are properly removed or mitigated to an acceptable level and to ensure the software used with in the JMICS program is the most current version of the approved software by the DoD.
- Perform Research and Development to ensure all new software and hardware to be deployed to the system meets all the security and configuration requirements that the JMICS Program is held to.
- Develop and modify software tools to assist system admins in the advanced configuration and reconfiguration of the JMICS Information Systems.
- Serve as the final tier of support for security\\system\
etwork administration issues to all of the System Administrators within the JMICS Program.
- Serve as the JMICS Security/System/Network administration SME and Tier III support.
- Serve as a member of the JMICS Configuration Management Board.
- Bachelor's degree in a relevant field with 10+ years of related Information Assurance/Cyber Security experience. Additional relevant certification, training, and/or years of experience is accepted in lieu of a degree.
- Specific experience with the following: writing/maintaining IA Policy and Procedures, Certification and Accreditation Process, DISA STIGS, system vulnerability scanning software (ACAS\
essus and SCC preferred), Securing and Configuring Windows Server 2008r2 and Windows 7, system virtualization (ESXi preferred), vulnerability management and remediation, cyber security incident response and handling, and Change Management processes.
- Currently possess DoD 8750 IA certification at IAM II: CISSP or CISM.
- Currently possess DoD 8750 Computer Environment (CE) Certification relevant to the position: CompTIA Server+, MCSA, MCITP, or related certification.
- Currently possess an active DoD TS/SCI security clearance.
- Experience with Baseline Creation and Deployment (Sysprepping, Ghost, and virtual importing and exporting).
- Experience maintaining Windows 7, Windows 10, Server 2008, and Server 2012 R2 platforms.
- Experience with any of the following: Cisco Unified Communications, Scripting, VMware View, Powershell, STIG item remediation, Vulnerability Scanning, Windows image creation and maintenance. Backup and restoration of virtual and physical machines, Group Policy creation, DNS server and/or Active Directory.