Leidos is looking for talented Cyber Security Engineering to fill an open poistion in Aberdeen Proving Grounds, MD.
As a member of the Information Assurance team the Cyber Security Engineer will support a full spectrum of Information Assurance activities specifically focused on cyber security related to mission systems operations in support of aircraft and associated ground systems. As a subject matter expert the candidate will inject into each stage of the Risk Management Framework processes to include but not limited to the development of Artifacts, identifying IA Controls based on system categorizations, creating policies and procedures and working POA&M items as required to reduce system risk.be required to support each step of the Risk Management Framework. Primary duties include but are not limited to develop System Security Plans, support vulnerability management, STIG Compliance, support project managers with ATO efforts, conduct annual IA control reviews and table top exercises as well as proactively performing gap analysis for process improvement. The individual must be a self-starter who can work well in both a team and individual environment to be successful with minimal oversight. The Cyber Security Engineer will be the primary interface with the project manager for the system to work all Certification and Authorization to receive and or maintain the Authorization to Operate (ATO). The position will require an active TS and being eligible for SCI clearance. 25% travel is required to support customer sites.
- Utilizie compliance and vulnerability security scan tools (e.g. ACAS, SCC), Security Technical Implementation Guides (STIGs), NIST RMF workflows, processes and best practices
- Generate and analyzes security scan tool reports and reports to customer and company leadership
- Develop technical and written solutions to cyber security vulnerabilities (e.g. AD Group Policy, Local Security Policy, Windows/Unix scripts, documented mitigations)
- Develop technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines.
- Support engineers of other disciplines in the security posture of products
- Assist Information Security Systems Manager (ISSM) in the development and maintenance of multiple accreditation packages
- Contribute to pre and post Authority to Operate (ATO) assessments
- Assist with other IA compliance activities as directed
- Travel about 25% to customer and testing sites.
- Prepare for and support SCA-V Assessments on ground and Aircraft Systems
- Active Top Secret and SCI eligibility
- Bachelor of Science in Computer Engineering or related discipline and 4-8 years of related experience; additional years of experience and certifications may be considered in lieu of a degree
- Any DoD 8570 certifications of IAT Level II or higher or IAM Level I or higher (e.g. Security+ CE, CISSP, CISM)
- Minimum of 5 years of experience with eMASS enter and maintain System Certification and Accreditation Packages
- Strong background in cyber security engineering or related information technology field to document system security policies and associate them with associated IA controls
- Basic foundation and understanding of Active Directory Group Policy, Local Security Policy, and Windows scripts
- Clear knowledge and detailed experience with NIST RMF SP 800-53
- Proficient with MS Office products to include Visio
- Proficient written and verbal communication skills
- Expert interpersonal skills when working as part of a team and capable of working independently when required
- Certified Information System Security Professional (CISSP)
- Basic understanding of and/or experience with virtualization architectures (VMWare, Citrix, Hyper-V)
- Clear knowledge and detailed experience with compliance and vulnerability scanning tools (e.g. ACAS, SCC, Nessus)
- Experience with CENTCOM Letters of Instructions (LOI)
- Experience with NETCOM Authorization and Accreditation processes