Leidos is seeking a Network Security Engineer in either Vicksburg, MS, or Hillsboro, OR (preferred). Alternatively the following locations may be available for the right candidate: New York, Hanover, Philadelphia, DC, Atlanta, Los Angeles, Fort Worth, Colorado Springs. Periodic telework is available.
Up and coming in the field that can do security configuration of CheckPoint firewalls, Cisco ASA firewalls, Palo Alto Firewall/IDPS, Sourcefire, Bluecat IPAM, FPCAP and similar network and cyber security technologies.
Will be responsible for identifying, developing, implementing, and continuous monitoring of information technology hardware and software secure configurations within an enterprise architecture construct.
Directly interact and support ACE-IT SOC, CIRT and Engineering proponents to validate that DoD, Army, and DISA mandated IA and cybersecurity guidelines are integrated into the ACE-IT architecture on the principles of Defense in Depth as well as continuous sustainment of real-time risk management and vulnerability assessment.
Tasking would include but not be limited to secure baseline identification and validation, vulnerability and threat assessment, and security model architecture and design validation, enforcement of cyber policy and standards, and internal auditing for cyber security compliance.
• Configure, deploy and manage network and cyber security platforms
• Integrate within SOC and Engineering teams to consult on Cyber/IA projects, tasks, and IA requests directed to these teams
• Support, as needed, SA, VMSA, and NA Vulnerability Remediation Efforts by assisting in the gathering of remediation guidance from internal reporting, Vendors, US Cybercom, CERT, etc.
• Review, monitor, and assist in the enforcement of DISA STIG compliance of all ACE-IT network devices
• Support CIRT assigned SOC incidents as needed
• Help identify and improve SOC/CIRT processes and procedures
• Ensure IT infrastructure devices logs are captured within ArcSight and assist in monitoring log files
EDUCATION & EXPERIENCE:
Requires a Bachelors Degree from an accredited university/college in Computer Science, Information Technology, Science, Mathematics or related field and 5 to 8 years of prior relevant experience or Masters with 2 to 6 years of prior relevant experience. Further 4 years of direct relevant experience can be substituted in lieu of a Bachelor's degree.
Clearance: Must possess current/active Secret Clearance and be eligible for TS/SCI
- Network security, Information Assurance/Information System Security Engineering
- Defense in Depth principles and technology including access/control, authorization, Identification and authentication, public key infrastructure, network, and enterprise security architecture
- DISA STIG and SRR compliance test and verification
- DoD and Army Information Security regulations, publications, and policy
A cert to fulfil DOD 8570 IAT3 requirement like CISSP, CASP etc
A cert to fulfill Computing Environment requirement like, CCNA, CCNP, JNCIA, Palo Alto etc
- Cisco Routers, Cisco Switches
- Firewalls: Cisco ASA, Checkpoint, Palo Alto
- IDPS: FireEye, Sourcefire, Snort
- Bluecat IPAM, Solera FPCAP
Server & Operating Systems / Software
Windows and Linux system administration, Windows/Powershell Scripting, Cisco IOS, Nessus