To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face to face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face to face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.

Close Window
Join our talent network

Job #: R-00061497-OTHLOC-PL-2D2293
Location: Reston, VA
Category: Security Architecture and Engineering
Schedule (FT/PT): Full Time
Travel Required: Yes, 10% of the time
Shift: Day
Potential for Telework: Yes, 75%
Clearance: None
Referral Eligibility: Eligible
Group: Health

Share: mail twitter linkedin


Job Description:

Cyber-Security Engineer

The Health Growth Solutions (HGS) at Leidos has immediate opening for cyber-security engineer to help us securely shape, develop, and deliver new software solutions leveraging state-of-the art technologies to our government customers and launch new and innovative products into the commercial healthcare marketplace.  Healthcare is one of the fastest growing sectors of the US economy, but the industry faces many challenges in delivering value to providers and payers and in improving patient care outcomes in a highly dynamic marketplace. Our software engineers are at the forefront of defining and building solutions to address those challenges using a go-fast agile approach driven by small teams that rely on and value the contributions of each team member.

As a part of an agile scrum team, you’ll help plan for and implement product and information security incident, damage, and threat assessment programs. You’ll serve as a core member of the Cyber Security team focused on daily cyber security operations to secure our products and protect our customer data, design and implement Security Information and Event Management (SIEM) procedures and operations, and identify and remediate gaps in our products. This includes the interpretation and implementation of cyber security best practices for all products and services. In addition, you will work under the direction of the Cyber-Security Architect to drive a broad set of security initiatives at HGS, including software design analysis, policy development, TLS standards curation and risk mitigation.  Most importantly, you will become a critical member of the team responsible for ensuring the integrity of HGS’s enterprise and products and for keeping HGS’s users safe, within a company dedicated to building a more secure internet.

Responsibilities and Duties

  • Provide security design analysis and infrastructure auditing for products and services and participate in the iterative design process in order to identify vulnerabilities, risks and choices that would lead to increased risk down the road early and throughout the product lifecycle.
  • Develop Security reference architectures for common patterns that result in unnecessary risk.
  • Document and communicate these reference architectures to teams and advocate for their adoption to mitigate risk.
  • Develop policies and guidelines to make it easier for non-security minded people to understand what to ensure their products do and don’t do.
  • Establish organization-wide web security and TLS standards, and, in partnership with operations teams and developers, automated processes to assess and enforce those standards.
  • Execute a forward looking risk prevention program that identifies areas of risk that are not well understood and lacking strong ownership, assess the risk, propose a suite of mitigations, and drive the mitigations to completion.
  • Conduct vulnerability assessments and monitor systems, networks, databases and Web-based assets for potential system breaches.
  • Recommend and implement changes under the supervision of the Cyber-Security Architect to enhance security systems and prevent unauthorized access.
  • Respond to alerts from information security tools.
  • Report, investigate, and resolve higher level security incidents.
  • Research security trends, new methods, and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach.
  • Ensure compliance with regulations and privacy laws.
  • Supports the security architect in the development and maintenance of security standards including, but not limited to, network infrastructure, wireless and mobile infrastructure, operating systems, databases, applications, and emerging technologies.
  • Understands current as well as emerging security threats.
  • As directed by the security architect, identifies security architecture capabilities and design security architecture patterns to mitigate threats.
  • Assesses emerging technologies against security architecture to determine where they fill gaps, overlap with existing solutions or extend capabilities.
  • Serves as information security subject matter expert; provide advisory and consulting services as needed.
  • As directed by the security architect, reviews existing and proposed architectures, identify security design gaps, and recommend changes or enhancements.

Required Skills and Qualifications

  • BS and 8 – 12 years of prior relevant experience in a security engineering role.
  • Proven expertise in assessing security risks, presenting security topics to people outside of security, analyzing software and system design to identify security vulnerabilities, and policy development.
  • Knowledge of state of the art vulnerabilities and attack techniques, and a depth of technical expertise with designing and building tooling to scale your influence and impact. Outstanding interpersonal skills to partner with teams across the organization and support them in reducing their risk.
  • Ability to develop your own tools as needed in a variety of programming languages, such as Python, Java, Javascript, etc.
  • Practical experience working with cloud technologies, such as Amazon Web Services, Google Cloud Platform, Microsoft Azure, etc.
  • Superb communication skills; ability to work effectively with diverse company partners.
  • Proven experience in performing administration functions of Linux/UNIX & Windows systems, network, firewall, and DNS experience.
  • Demonstrated working knowledge of vulnerability assessment and penetration testing tools.
  • Proven ability to work effectively both independently and/or in a team setting.
  • Ability to communicate technical information to a non-technical audience.
  • Must possess strong analytical and problem-solving abilities; and strong critical-thinking skills in complex communication environments.
  • Certified Information Systems Security Professional (CISSP) certification required.

Preferred Skills and Qualifications

  • Additional security-related certifications, such as Global Information Assurance Certification (GIAC), Certified Ethical Hacker (CEH), etc. Experience with Health field related enterprise technology applications

External Referral Bonus:


External Referral Bonus $:

Potential for Telework:

Yes, 75%

Clearance Level Required:



Yes, 10% of the time

Scheduled Weekly Hours:




Requisition Category:


Job Family:

Security Architecture and Engineering

Pay Range:



About Leidos

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 40,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

   Save Job Saved

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community