Join our talent network

Job #: R-00009258
Location: WASHINGTON, DC
Category: Info Security
Schedule (FT/PT): Full time
Travel Required: No
Shift: Day
Potential for Telework: No
Clearance Required: Public Trust
Referral Eligibility: Ineligible
Group: Civil

Job Description:

No two career paths will ever look the same. At Leidos, we know the most talented and diverse IT and engineering professionals will always have a multitude of career choices; your time at Leidos will be a wise investment in your career and in yourself. We welcome your perspective and ideas, in order to foster collaboration and deliver world-class solutions. We look for solutions that not only transform businesses, but change the world.

Our Civil business is helping to modernize and manage infrastructure, systems and controls, and cybersecurity for civilian agencies and commercial clients around the globe. With core competencies in information technology, energy and environment, complex logistics, and specialized engineering, we solve technical challenges and implement newfound efficiencies on a number of programs!

Protect yourself and your family, with the benefits of working for a world-class employer. When you join Leidos, you join a Fortune 500 company and one of Ethisphere Institute's "World's Most Ethical Companies"

Leidos...We strive to make the complex clear

Job Description:

Leidos is seeking an IT Security Engineer for the ESA IV program. The ESA IV Security team supports multiple DOJ components (ATF, USTP, ATR). This position will primarily support the National Archives and Records Administration (NARA) contract.

This position will be focused on IT Security Operations. The candidate will be involved in a broad range of security tasks and issues supporting current day to day production operation as well as integration of new security capabilities. These tasks may include incident response, vulnerability management, Information Assurance analysis (Certification and Accreditation, audits, annual security plans), security assessment of current and new system and product capabilities.

For vulnerability management tasks, the candidate will utilize enterprise tools (e.g. SPLUNK, BigFix, SCCM, Tenable Security Center, Nessus, DOJ SPDR) and their hands on system administration skills to identify, analyze and remediate issues. The candidate will also need to use broad system security engineering skills to respond to real time production system issues/events or analyze new or enhancement capabilities.

The candidate may also support Information Assurance analysis tasks where, the candidate will respond to Certification and Accreditation tasks, audit tasks and other system security tests. The candidate may act as the interface between auditors and system subject matter experts. This will require the candidate to understand the target systems to appropriately decompose inquiries to actionable items for SMEs, then validate the SME responses. The candidate should understand how to document system compliance with government security controls (e.g. 800-53, FISMA).

Clear verbal and written communication skills are essential. This position also requires good project planning skills to identify how to meet schedules, identify dependencies, and identify risks and work arounds.

This position requires a security investigation completed by the NARA and the ATF to permit access to customer-sensitive information.

Required Qualifications
  • Bachelor's degree and 8 years related experience or Master's degree and 6 years related experience; additional years of experience will be considered in lieu of degree
  • General knowledge of enterprise scale IT systems, architectures and components (servers, and virtualization, networking, security appliances,) particularly the system integration challenges balancing secure operations with operational need.
  • Experience with Windows server and workstation administration including Active Directory. This should include ability to apply remote administration to evaluate and potentially correct system configurations, complete assessment and remediation of system hardening to DISA STIGs using security tools and command line (powershell) evaluation.
  • Experience with Linux administration and security practices including system hardening DISA STIGs, scripting routine administrative tasks and data analysis, log management, user account management, installation and configuration of typical Linux security tools.
  • Experience with basic network security practices and configuration
  • Experience with one or more security tools (e.g. Nessus, Web Inspect, SPLUNK, DOJ SPDR) including running the tools, interpreting the data and customizing queries and outputs.
  • Experience with one or more enterprise configuration management tools (e.g. Big Fix, SCCM) including running the tools and customizing queries and outputs.
  • Experience with supporting assessment of IT systems compliance with Federal IT Security standards (NIST 800-53, FISMA, CSAM))
  • Ability to respond to security audits and compliance assessments including decomposing auditor requests to actionable items, compiling and presenting security audit artifacts
  • Ability to evaluate IT system compliance with government and commercial security practices (e.g. DISA STIGS, SANS Top 25)
  • Working knowledge of Federal Certification and Accreditation practices
  • Solid communication and documentation skills


Desired Qualifications
  • Advanced Windows administration skills and knowledge of current and emerging Windows security features.
  • Experience with enterprise security services (e.g. IDS, log aggregation, credential management, PKI, Certification Authority management, web/mail proxies and filters, end point integrity tools)
  • Experience with security configuration of network devices (switches, routers, firewalls)
  • Experience with enterprise mobile device security management (e.g. Airwatch)
  • Familiarity with cloud computing and applicable security practices (e.g. FedRAMP, SAAS, IAAS)
  • Experience with DOJ environment and tools
  • Ability to recognize security risks, document risk, and clearly communicate findings and recommendations.
  • Experience supporting Incident Response events
  • Experience supporting review and certification of Physical Security elements of a facility


www.Leidos.com .

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here .

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to spam.leidos@leidos.com .

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community