Leidos has a challenging and rewarding opportunity to be Principal Security Engineer on a nationally significant defense program. The position requires good understanding of security policies and hands-on vulnerability testing experience. The program makes heavy use Public Key Infrastructure (PKI), cryptographic encryption and cross domain solution technology. The selected individual will work closely with our customer's security team. Additionally the selected individual will collaborate with other engineers and technical experts in providing improvements to our operational, test, integration, and development systems and system security plans (SSPs).
• Serve as a subject matter expert in security policy and architecture. Provide advice to customer and program team.
• Help formulate security compliance requirements for new system features.
• Identify security issues throughout the system and make recommendations to remediate those issues.
• Support risk assessment, risk management, security control assessment, continuous monitoring, service design, and general IA program support functions.
• Work with development teams to enrich understanding of different types of vulnerabilities, attack vectors and remediation approaches.
• Collaborate with program security engineers in day-to-day activities.
• Work with program ISSOs to ensure system monitoring and system security plain maintenance requirements are being met for Test and Integration and Development systems.
• Requires Master's Degree in Information Technology, Information Assurance, or related field and 15 - 20 years of relevant experience or Additional years of relevant professional experience may be considered with a Bachelor's Degree.
• Holds active TS/SCI with Polygraph clearance.
• Demonstrated knowledge of and experience with current security tools, hardware/software security implementation, communication protocols, encryption techniques/tools, and/ web services.
• Experience formulating and assessing IT security policy.
• Direct experience interfacing with software developers, software testers, integration, deployment, and/or sustainment personnel.
• Must be committed to developing and adhering to best practices.
• Must be a solutions-oriented team player, and must possess a high level of self-initiative.
• Must be a good communicator and have excellent interpersonal skills.
• Twelve (12) years of experience with Defense in Depth Principals/technology (including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development.
• Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.
• Experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass the development, design, and implementation.
External Referral Eligible