The Intelligence Group at Leidos currently has an opening for an Information System Security Engineer to work at our Columbia, MD location. This is an exciting opportunity to use your experience supporting an important, fast-paced, mission critical program.
The selected individual will become part of a team of Security Engineers working on solving challenging issues on a nationally significant defense program. The position requires a solid understanding of security practices and policies as well as hands-on vulnerability testing experience. The program makes heavy use Public Key Infrastructure (PKI), cryptographic encryption and cross domain solution technology. The selected individual will collaborate with other engineers and technical experts in providing improvements to our operational, test, integration, and development systems and system security plans (SSPs).
- Work closely with System Engineering, Test Engineering, and Integration teams to ensure that the hardware and software architecture and implementation meets the security requirements for processing classified information.
- Assess system implementation against multiple security compliance policies.
- Evaluate the impact of new development on the operational security posture of the system.
- Evaluate, review, and test security-critical software.
- Propose, assess, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
- Audit and assess system security configuration settings using common methodologies and tools.
- Evaluate security solutions to ensure they meet customer specified requirements for processing classified information.
- Develop and maintain documentation supporting Certification & Accreditation (in accordance with ODNI and DOD policies), and other IA documentation.
- Provide configuration management for security-relevant information system software.
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below.
- Bachelor's degree in Computer Science, Information Technology, Information Assurance, or related discipline from an accredited college or university and 8 years of experience. Additional years of relevant professional experience may be considered in lieu of a Degree.
- Demonstrated experience with NIST Risk Management Framework
- DoD 8570 compliance with IAT Level III or higher required.
- Demonstrated knowledge of and experience with common security tools, including Nessus NMAP and Wireshark hardware/software security implementation, communication protocol, encryption techniques/tools, and web services.
- Experience formulating and assessing IT security policy.
- Experience with secure configurations of commonly used desktop and server operating systems.
- Direct experience interfacing with software developers, software testers, integration, deployment, and/or sustainment personnel.
- Must be committed to developing and adhering to best practices.
- Must be a solutions-oriented team player, and must possess a high level of self-initiative.
- Must be a good communicator and have excellent interpersonal skills.
Candidates with these desired skills will be given preferential consideration.
- Five (5) years of experience with Defense in Depth Principles/technology (including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development.
- Experience working on Agile/Scrum programs, specifically working with the SAFe Scaled Agile Framework.
- CISSP or equivalent certification.