Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and mitigate cyber threats to CBP networks. The CBP SOC is responsible for the overall IT security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed IT security violations.
Leidos has an immediate need for a Development Security Operations (Dev/Sec/Ops) Engineer to support the CBP SOC Program.
The Dev/Sec/Ops Engineer will gather requirements, design, codify, integrate and implement secure solutions that support business functionality as well as the underlying infrastructure required to run and deploy those solutions.
- Apply secure development/coding to include; but not limited to, cloud technology, internet servers, application whitelisting, virtualized containers, web-enabled database applications, network security, security engineering, data integrity, intrusion detection, firewall management, forensic and legal information security, virtual private networks, public key/infrastructure/digital signatures, encryption, network security architecture and DHS Policy.
- Champion security by injecting security concerns into the existing development workflow; build security thinking into every stage of software development.
- Coordinate with teams across the enterprise on the migration of existing IT services to the cloud; identify security technical requirements, potential problems and issues, and participate on agile software development teams.
- Support SOC capabilities by customizing tools and automating processes for SOC and IR analysts.
EDUCATION & EXPERIENCE:
BS degree Science, Technology, Engineering, Math or related field and 8 years of prior relevant software engineering or devops experience. Familiarity with software development life cycle models and agile programming methodologies.
Must have at minimum a Secret Level Clearance.
- The candidate must possess the technical skills and experiences with Cloud Service (AWS,Azure, etc), continuous delivery systems and enhancing SOC operations through automation. The ideal candidate will also have experience leading and mentoring junior members.
- Previous professional experience with performing integrated quality assurance testing for security functionality and resiliency to attacks.
- Previous professional experience with secure programming and identify potential flaws in codes to mitigate vulnerabilities.
- Applies coding and testing standards, security testing tools (including ‘fuzzing’ static-analysis code scanning tools), Identify common coding flaws, threat modeling, and conducts code reviews.
- Perform or support penetration testing as required for new or updated applications.
- Recognize security implications in the software/code acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
- Participate in network and system design to ensure implementation of appropriate systems security policies, designs and implement systems security and data assurance.
- Take an approach of; plan, code, build, test, release, deploy and monitor when writing software to automate CBP SOC security tasks.
- Knowledge of Source Code Management concepts (code lines, branching, merging, integration, versioning, etc.)
- Excellent problem solving, analytical skills and technical troubleshooting skills
- Ability to work with customers/stakeholders, developers, testers, project managers, support staff
- Experience acquiring in-depth understanding of large complex software systems to isolate defects, reproduce defects, assess risk and understand varied customer deployment
- Should have advanced working knowledge of the following: Encryption algorithms, secure communications, network and data communication protocols.
- Familiar with standard concepts, practices, and procedures within a particular field such as NIST, FISMA and Common Criteria regulations and standards.
One or more of the following Certifications:
CEH, CISSP, CSSLP, GPEN, OSCP, AWS Solutions Architect, RHSA, GXPN, GWAPT
- AWS Solutions Architect, DevOps Certs, RHCE
- Orchestration of Cloud infrastructure (Infrastructure as Code)
- Advance Degree in Computer Science or Computer Engineering
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Secret
Scheduled Weekly Hours:40
Job Family:Software Development
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.