Join our talent network

Job #: R-00011715
Location: Columbia, MD
Category: Info Security
Schedule (FT/PT): Full time
Travel Required: Yes, 10% of the time
Shift: Day
Potential for Telework: No
Clearance Required: Public Trust
Referral Eligibility: Ineligible
Group: Civil

Job Description:

The Leidos Homeland Security Solutions Operation within Leidos' Civil Group is seeking talented, patriotic, and motivated U.S. Citizens for an important national security project with the DHS Transportation Security Administration (TSA). The project involves screening, vetting, and credentialing of people who are then granted access and privileges associated with sensitive areas and functions. Some of these populations were identified as sensitive following 9-11 and the passage of the Patriot Act, such as maritime port workers, alien flight schools, and hazardous materials drivers. Though still related to security, other populations programs such as TSA Pre-Check, also facilitate smooth travel. In all cases, these critical functions must continue transparently to the populations involved, while evolving to accommodate growth and enhanced functionality. Since many of these functions evolved independently, there is an opportunity to consolidate and streamline common functions, thus enhancing reliability and reducing costs. By moving to a person-centric data model, TSA will also improve data integrity and services to the individuals in the populations involved.

The project environment will be complex and challenging. It involves sustaining current functions and evolving functionality while merging 3 different technology stacks and associated development environments. In addition, the supporting data center infrastructure exists in two places, Colorado Springs, CO, and Annapolis Junction, MD, and involves teamwork in a distributed environment. For ambitious technologists, the project presents a professional growth opportunity with the satisfaction of contributing to a critical national interest program that both secures and enhances our lives.

This career opportunity is for an Application Security Specialist. The work location is a customer facility in Annapolis Junction, MD, or in a Company facility nearby. The successful Applications Security Specialist shall:
• Analyze systems and applications, recommend and develop security measures to protect applications and associated information against unauthorized modification or loss.
• Create and maintain the infrastructure to enforce secure application development practices, including continuous integration, automated builds & deployment, and automated end-to-end testing.
• Identify, mature and maintain security procedures and tools.
• Perform security vulnerability assessments.
• Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures.
• Act as liaison with other stakeholders, such as, data/service providers, infrastructure admins, software developers, FOSS/COTS vendors, etc.
• Distribute application development guidance and coding standards to enforce secure application development. In conjunction with the Security Engineer, provide instruction and coaching to the development teams where needed, and institute corrective actions and guidance changes as warranted by the changing threat landscape.

Basic Qualifications

• Bachelor's Degree in Computer Science or equivalent degree in Engineering, science or related technical field.
• Over seven years of experience on complex technical projects, including work on highly available, national security systems.
• Subject matter expertise in the following areas:
o Deployment and configuration of security scanning tools
o Performing manual static and dynamic analysis
o Conducting security code reviews, security architecture reviews, security design reviews, and threat modeling activities
o Applying NIST 800-53 Revision 4 security controls, especially those related to web applications and web services security
o Web application/web services security best practices
o Remediation of security vulnerabilities based on industry best practices o Investigation of potential security threats
o Automation of security scanning within continuous integration/continuous delivery (CI/CD) pipelines
o Securing container application platforms and Platform as a Service (PaaS) deployments
• Hands-on, working knowledge of the following products:
o Soap UI
o IBM AppScan (Standard/Enterprise/Source)
o Portswigger BurpSuite
o Fortify
o GitLab/Mattermost
o VMware
o OpenShift
• Demonstrated ability to produce high-quality, professional documentation.
• Ability to obtain a Public Trust suitability determination.
• Ability to obtain a Secret Clearance.
• U.S. Citizenship.

Preferred Qualifications
List additional skills and experience that is "nice to have" but not required.
• Experience doing development for the TSA and/or another agency within the Department of Homeland Security.
• Ability to obtain a Top Secret Clearance.

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 32,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com .

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here .

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to spam.leidos@leidos.com .

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community