The Government Health and Safety Solutions Operation is seeking an Enterprise Security Administrator/ Lead Cyber Security Engineer, contingent upon contract award, in White Oak, MD.
The Enterprise Security Administrator will be working with a team of Information Security professionals to design install, administer and monitor a diverse suite of security tools for the FDA datacenter. The Security manager must identify risks, with associated mitigation plans provide a plan for growth of the architecture for future upgrades, and collaborate with peers and other key staff and customers to ensure a reliable and robust Security architecture is established and maintained. The successful candidate will have related Security certifications (CSISSP) and a minimum of 10 years of related contract experience defining, trouble shooting and managing comparable environments.
The Datacenter Contract supports the Food and Drug Administration (FDA) organizations to provide critical work to safeguard the foods, drugs, devices, biologics, and veterinary products that the Agency regulates. The datacenter supports systems that continue to evolve to meet emerging business needs and to support new mandates and initiatives. It is important to respond to customer needs and issues. The Enterprise Security Administrator position is a highly visible position to ensure the Security/Cyber architecture is sized and structured to provide high availability to meet the service level security agreements for the FDA customer. The person in this position will work directly with the FDA senior leadership team and the Leidos Health Systems program leadership team to ensure success of all aspects of the program including vendor recommendations and solutions, cloud architectures, and other Security support responsibilities in a large scale datacenter environment. This position is contingent upon contract award.
Specific roles & responsibilities for the Enterprise Security Administrator position include but not limited to the following:
- Design, develop, engineer, implement and tune solutions to MLS requirements. Perform complex risk analyses which also include risk assessment. Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands. Support customers at the highest levels in the development and implementation of doctrine and policies. Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures. Perform analysis, design, and development of security features for system architectures.
- Management of a 24x7x365 System Management Center (SMC) which includes the central command center for the network, security, and performance monitoring; triaging, troubleshooting, and the escalation of all identified or reported service interruptions, security incidents, and performance issues.
- Work alongside the program manager and other datacenter management to determine the technical goals of the program and works with program stakeholders to refine those goals into executable objectives.
- Devise plans and drives execution of each phase of the program objectives and innovation projects.
- Perform quality control checks, ensuring the effectiveness and reliability of the Network & Security systems, tools, and products.
- Evaluate the engineering costs to identify efficiencies and improved ways of delivering service to the customer.
- Negotiate with stakeholders (Vendors, Customer, etc.) to generate ideas and clarify specifications.
- Delegate tasks as necessary to engineering team and maintains accountability for results.
- Build strong professional working relationships with stakeholders to resolves disputes, define technical solutions, and drive positive change within the program.
- The ideal candidate may have multiple people supporting them but will be required to work with external stakeholders to achieve program objectives. This would include the issues, risks, dependencies, and making sure action plans are documented and executed accordingly.
- Be responsible for working with the customer and external stakeholders (industry leaders, vendors, etc.) to accomplish program goals in which we are dependent on them completing tasks.
- This position requires strong written and verbal communication skills, with ability to effectively brief FDA government customers.
- Performs technical planning, system integration, verification and validation, cost and risk, and supportability and effectiveness analyzes for total systems across the FDA network supporting security initiatives and ensuring a critical response team is available for immediate responses to address possible security threats and/or breaches.
- Assist in the planning and performing of analytical research, design development, and other assignments in conformance with design, engineering and customer specifications.
- Must be a self-starter, strong leader, and have the ability to work independently with no supervision.
- Some travel (< 20%) may be required.
- CCNA, CISSP, and Security + Certifications that are current
- Active Secret level clearance or ability to obtain within first 3 months of start of contract
- Demonstrated hands-on experience with the following tools (or equivalents); Splunk, Solarwinds, Nessus, McAfee, Palo Alto Next Generation FW, CheckPoint Firewall.
- Experience with monitoring IT infrastructure and associated enterprise services.
- Experience tuning and configuring monitoring tools to maintain proper thresholds, notification of service interruptions, analysis and planning, root cause analysis, and communication escalation
- Experience with vulnerability scanning, configuration compliance, patch compliance and associated reporting to proactively identify security vulnerabilities that can be mitigated with OS and COTS patching.
- Experience supporting incident management, problem management, and integrating new technologies into these processes.
- Experience, implementation of client and server anti-virus software to ensure a pro-active approach to reducing spam, phishing attempts and other external sources of malware that may threaten FDA data or application availability.
- Working knowledge of System Network & Security Monitoring tools for management of high availability systems.
- Familiarity with Cloud Computing, and Compute/Storage technologies (virtualization).
EDUCATION & EXPERIENCE: Typically requires a BA/BS or equivalent experience and 12+ years of prior relevant experience or Masters with 10+ years or prior relevant experience. Generally has 7+ years of experience supervising or leading teams or projects.
- FDA customer experience and knowledge of their organizational structure
- Demonstrated Cloud deployment models and related experience (Private/Public/Hybrid cloud)
- AWS, MS Azure, or other cloud technologies and advanced ITIL certifications
External Referral Bonus:Ineligible
Potential for Telework:No
Clearance Level Required:Public Trust
Travel:Yes, 10% of the time
Scheduled Weekly Hours:40
Job Family:Info Security
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to email@example.com.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.