The Homeland Security Solutions Operation at Leidos is seeking a proven Security Engineer to support a national-scale service for next-generation end-to-end credentialing and enrollment services for populations of workers and travelers seeking access to the nation's critical transportation systems and other infrastructure.
The successful Security Engineer shall:
- Ensure compliance with governing documents and security policies and assist in periodic regulatory assessments.
- Be a key part of a high-performing team that designs, implements and tests state-of-the-art secure operating systems, networks, applications, and database solutions.
- Stay current with system vulnerabilities and provide current security training to all system users.
- Conduct risk assessments and provide recommendations for secure implementation and compliance in accordance with government regulations and information assurance/cybersecurity guidelines.
- Create, maintain and submit information system security documents in accordance with Government requirements.
- Assess and mitigate system security threats/risks throughout the program life cycle; validate system security requirements definition and analysis; establish system security documentation; assist with the implementation of security procedures; verify information system security requirements; perform information system certification and accreditation planning, testing, assessing and liaison activities.
- Be familiar with information system security architectural documentation standards.
- Be able to apply information assurance / cyber security standards, directives, guidance and policies to an architectural/risk based framework.
- Provide architectural / risk based analysis of information assurance / cyber security features and relate existing system to future needs and trends and requirements.
- Respond to security audits and compliance assessments, including decomposing auditor requests into actionable items and compiling and presenting security audit artifacts.
- Evaluate IT system compliance with government and commercial security practices (e.g. DISA STIGs, SANS Top 25).
- Conduct gap analysis and performance metrics, and provide technical recommendations on operational capabilities compared to the latest known adversary tools and TTPs.
- Identify related new tools and technologies that support the DHS/TSA mission.
- Provide technical assistance in the development of Business Impact Analyses (BIA), Business Continuity Plans (BCPs), and Disaster Recovery Plans (DRPs) related to risks and contingencies.
- At least 10 years of experience in this discipline, demonstrating a commitment to training, self-study and maintaining proficiency in the technical cyber security arena.
- Familiarity with Federal IT Security regulations and guidance such as NIST 800-53, NIST 800-37 and FIPS 199.
- One or more of the following certifications: CISSP (preferred), CCSP, GSLC, and CISM.
- Experience with one or more of the security compliance management systems used by Federal or DOD customers (e.g. CSAM, XACTA, Risk Vision).
- Knowledge of enterprise-scale IT systems, architectures and components (servers, virtualization, networking, security appliances, SaaS, IaaS), particularly the system integration challenges of balancing secure operations with operational need.
- Working knowledge of security products, including SIEM, Security Applications, Network Devices, and End Point Protection.
- Solid communication and documentation skills.
- Ability to obtain a Public Trust suitability determination.
- U.S. Citizenship.
- Experience within the Department of Homeland Security.
- Ability to obtain a TS/SCI Clearance.
- CND experience (Protect, Detect, Respond and Sustain). Familiarity with CND tools such as FireEye, Carbon Black/Bit9, ArcSight, HBSS, Fortinet, Palo Alto, SourceFire/Cisco IPS, BRO, AirTight, Solera and SPLUNK Security and other industry leading cybersecurity products.
- Understanding of the cyber kill chain principles.
- Cyber threat intelligence experience.
- In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk).
EDUCATION & EXPERIENCE: Requires a BS degree and 8 - 12 years of prior relevant experience, or a Master's with 6 - 10 years of prior relevant experience. May possess a Doctorate in a technical domain.