To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face to face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at https://career-events.leidos.com.

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face to face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by Leidos.com automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.

Close Window
Join our talent network

Job #: R-00060288
Location: Reston, VA
Category: Software Engineering
Schedule (FT/PT): Full Time
Travel Required: Yes, 25% of the time
Shift: Day
Potential for Telework: Yes, 50%
Clearance: None
Referral Eligibility: Ineligible
Group: Corporate

Share: mail twitter linkedin

Description

Job Description:

Leidos Corporate Office of Technology has an immediate opening for a Security Lead Engineer to join our Software Accelerator team.

In this role, you will lead efforts for Leidos to overachieve on software security. Cyber security in software is an increasingly important component of delivering software to Leidos’ highly regulated customers.  This position will lead the technology development and application (internal and external technology) and best practices defining the “Leidos way” for security.  This role will focus on providing compliance and differentiation for software teams inside Leidos.  You will support development and application of secure CI/CD pipelines, secure coding practices, training, runtime software security and other aspects to ensure Leidos is an industry leader in delivering secure, rapid software.


You will lead capability discovery, which could take the form of an Analysis of Alternatives (AoA) to ensure the selected vendor can satisfy the need within the high level design. 

Primary Responsibilities
•Provide subject matter expertise in the development and maintenance of security tools and processes for Agile programs using modern CI/CD pipelines (e.g. pSDO)
•Advise application development teams (e.g. LEAF) on best practices and designs for securing and monitoring software in production
•Provide subject matter expertise in developing and maintaining standard secure coding processes for use across Leidos
•Provide subject matter expertise in implementing industry standards in Leidos software programs (e.g. Biden Administration’s executive order on cyber security)
•Provide subject matter expertise in internal teams to ensure software development teams are both secure and delivering at a rapid pace, including being a liaison on behalf of the software community with CIO/CISO.
•Provides subject matter expertise in the development of cyber operations specific indicators measuring success and attainment of team goals and objectives and enterprise information security architecture as applied to the organization's overall security strategy.
•Advise programs on overall risk levels and security posture; Serves as an internal consultant and advisor in own area(s) of expertise (e.g., technology, tools, standards, best practices, processes, etc.).
•Develops short-term and strategic training events for the assigned team.
•Manage and enforce security policies, training and educating end-users on proper security practices, conducting security and risk assessments using security frameworks (e.g., NIST, RMF, Common Criteria, etc.)
•Participate in enterprise projects, advocate security, architecture and engineering best practices.
•Participate in vulnerability assessments and schedule, perform scanning and documentation of results.
•Mitigate risk via security controls, testing and evaluation to certify and accredit commercial security products, ensure privacy of data throughout its lifecycle, vulnerability management (scanning, assessment, reporting, and mitigation verification), business continuity and disaster recovery.
•Demonstrate understanding of information systems security, including network, application, database, physical, web vulnerabilities and common security design flaws.
•Demonstrates ability to speak well in front of an audience and be able to present security briefs to high ranking personnel and be able to give presentations to personnel in a clear, concise but comprehensive manner.
•Possess an understanding of government regulatory and compliance requirements and, Risk Management Framework processes.

Basic Qualifications
•Bachelors Degree in Computer/Engineering Science, Information Systems, Cybersecurity, or related field preferred and 12+ years of work experience in Cybersecurity engineering. 2+ years of leadership experience managing Cybersecurity engineering teams
•US citizenship is required and able to obtain security clearance.
•Ability to effectively convey information security and risk-related concepts via written and verbal communication to both technical and non-technical audiences.
•Must have strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in a fast-paced environment.
•Experience with developing/integrating cybersecurity designs for systems and networks
•Experience or knowledge of implementing Zero Trust architecture principles
•Experience with documenting and addressing organizational information security, cybersecurity architecture, and systems security engineering requirements
•Experience with documenting the protection needs (i.e. security controls) for information system(s) and network(s)
•Ability to perform security reviews, identify gaps in security architecture, and develop a security risk management plan
•Ability to develop a system security context, a preliminary system security CONOPS, and define baseline system security requirements in accordance with applicable cybersecurity requirements
•Experience with vulnerability scanning tools to include those supporting operation system, web application, database assessments,
•Skill in translating operational requirements into protection needs (i.e. security controls)
•Knowledge and work experience with architecting, engineering, deploying, and tuning of Network Intrusion Detection Systems (NIDS)
•Experience with Cyber Threat Intelligence (CTI) technologies
•Cybersecurity Certifications: At least one of the following: CISSP, CCSP, CCNA,CISSP-ISSAP,CISSP-ISSEP, GIAC, SSCP, Security+ (or equivalent as approved by the Government)
•Experience with documenting and addressing organizational information security, cybersecurity architecture, and systems security engineering requirements

Preferred Qualifications
•Demonstrated expertise in Cloud and off-premises security best practices.
•Experience integrating security controls to cloud environments to provide a holistic enterprise security view
•Experience working with Department of Defense DFARS, US Federal FAR/ITAR and CMMC regulatory requirements
•Ability to execute technology and/or tool automation processes.
•Ability to optimize systems and/or tools to meet enterprise performance requirements.
•Experience with integrating solutions in a multi-vendor environment
•Knowledge of enterprise logging, with a focus on security event logging
•Experience with enterprise-scale operations and maintenance environments
•Experience with programming
•Experience with various security tools
•Ability to multitask and solve complex technical problems
•Experience working in a multi-server environment
•ITIL v3 - Foundation
•Existing DHS EOD, active Secret clearance, or active Top Secret clearance
•Understanding of DevOps/Agile concepts and processes
•Knowledge of performance metrics related to IT Service Operations
•Detailed knowledge of key cyber and network technologies such as Netwitness, Splunk, FireEye, etc.
•Knowledge of operations testing and evaluation methods as they relate to the Cyber Security area of expertise.
•Experience in network and cyber security design, engineering and operations
•Experience with NIST SP 800 series or ISO 27000 series documents for information security management and risk assessment

Pay Range:

COVID Response

Effective October 1, in order to enter Leidos facilities in the US and to attend Leidos business events outside our facilities, employees will be required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry.  Effective December 8, all Leidos employees must be fully vaccinated (2 weeks past final dose) unless they are entitled to a legal accommodation. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC. 

About Leidos

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021.  For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

   Save Job Saved

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community