The Leidos Cybersecurity Capabilities Organization has an immediate opening for an experienced & motivated Endpoint Cyber Engineer to join the Endpoint Security Engineering team. This position can be supported from Orlando – FL, Reston – VA, Gaithersburg – MD.
You will join a team of other Endpoint Cyber Engineers in the overall designing, building and deployment of endpoint security capabilities. This role focuses on the design and implementation of industry leading cyber security products that support the cyber defense mission of a Fortune 500 organization. Additionally, you will provide guidance and support as needed to the Endpoint Cyber Operations team. This includes, but is not limited to, assisting with documentation of standard operating procedures (SOPs), knowledge transfers, training, etc. As an Endpoint Cyber Engineer, you will be expected to "think like an adversary" and provide engineering-centric input into every phase in the Cyber Defense development process from an endpoint cyber defense perspective. You will be the Subject Matter Expert in the architectural design and initial configuration of the Leidos next generation endpoint solutions. This includes an aggregate understanding of Leidos' corporate policies, common information security frameworks, and security best practices. Once understood the focus will turn towards contributing to the technical innovation that will evolve Leidos' defensive capabilities and methodologies. Finally, you will evaluate systems with the goal of identifying and remediating existing gaps in vendor solutions and platform technologies as well as refining the established policies, processes and procedures as it relates to the user experience with the software and configurations.
Primary Responsibilities Include:
- Ability to contribute to and work with a high performing team in a collaborative effort.
- Being a Subject Matter Expert for endpoint security solutions (e.g. Anti-Virus, Host Firewall, Forensics based tools, Privilege management, application whitelisting, EDR).
- Advanced knowledge of various security frameworks such as, but not limited to, security operations, incident investigations, incident response, threat hunting, vulnerability awareness and security configuration management.
- Technical control testing, implementation & enforcement based on inputs received by the Leidos Cybersecurity Intelligence & Response Center (CSIRC), the Endpoint Cyber Engineering team, and other internal organizations, leaders, stakeholders where applicable.
- Support change management tasking relative to the security policies associated with the endpoint security solutions that you support.
- Work closely with your manager to ensure tasks are executed on time.
- Ensure documentation relative to the supported endpoint security products, procedures, services, etc., are written and centrally accessible.
- Create and monitor reporting for compliance.
- Ability to understand & troubleshoot complex situations and apply solutions successfully without reducing the security posture of the company.
- Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.
- Being able to work as an individual or in a team collaborating in various product areas while maintaining a successful and secured environment.
- Perform other tasks as assigned.
- Bachelor's degree and minimum 8 years of relevant experience, including 4 years in Cyber / Information Security field. Additional years of relevant experience and/or technology certifications may be considered in lieu of degree. This should include 2+ years of endpoint security experience.
- Experience designing & implementing endpoint security solutions (e.g. Antivirus, EDR, Application Whitelisting, Host Intrusion Prevention and Firewall, Forensic Analysis Tools, Advanced Malware Solutions, IOC Sweepers) on a global enterprise scale.
- Hands on experience with solution design and implementation for McAfee products.
- Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non-technical audiences.
- Must be able to weigh business needs against endpoint security concerns and articulate challenges to customers as well as leadership.
- Ability to manage time and priorities with multiple tasks and projects.
- Must have strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations.
- Deep technical understanding of advanced threat detection in an enterprise environment, automated intelligence distribution methods, malware families, their types, and the threat they pose.
- Must have a fundamental understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support.
- Eligible to obtain a DoD Secret Security Clearance.
- US Citizenship is required.
- Knowledgeable of forensic procedures and practices including imaging and memory analytics. Specifically the design, maintenance, and documentation of enterprise forensic capabilities. (Popular commercial products include: EnCase, FTK, and others)
- Windows 10 security best practices and configurations.
- Linux System Administration experience or experience with Linux OS hardening.
- Knowledge of Microsoft Active Directory.
- Experience with cloud IaaS solutions such as Microsoft Azure or Amazon AWS.
- Proficiency with Microsoft Windows administrative & troubleshooting tools.
- Demonstrated experience performing cybersecurity analysis from an endpoint engineering perspective.
- Active DoD Secret or higher clearance
- Demonstrated knowledge of common information security management frameworks such as ISO/IEC 27001, ITIL, COBIT and NIST and an understanding of relevant legal and regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard.
- Functional understanding of scripting languages (Batch, Powershell, Python, VBScript, etc.)
- GIAC GCIA Certification or other cyber security certifications are a plus.
- Experience with Splunk (preferred) or other SIEM platform.
- Experience with Cloud-based information protection and cyber security.
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:None
Scheduled Weekly Hours:40
Job Family:Security Architecture and Engineering
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to email@example.com.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.