Leidos is searching for a Sr Security Engineer for our QTC team! QTC is the Nations largest provider of Medical, Disability, and Occupational Health Examinations. The cutting edge technology that QTC has patented is designed to optimize the exchange of information between our clients and providers to ensure a timely delivery.
This is an exciting opportunity to use your experience helping the QTC mission.
Evaluates the design and effectiveness of IT controls based upon industry best-practice models (e.g. COBIT, ITIL, FISMA, NIST, OMB, etc.) in accordance with compliance requirements, and provides a systematic, disciplined approach to the analysis of operational business and governance processes to conform to standards and regulations.
Essential Duties and Responsibilities:
- Assists in the analysis and definition of security requirements
- Assists with certifications and accreditation reviews, security test and evaluations and drafting associated reports
- Coordinates compliance remediation activities and maintains accurate list of open and close compliance issues for the organization
- Coordinates all internal (e.g. Leidos internal audits) and external audit events (e.g. HIPAA, NIST, SOX, , Authorization To Operate (ATO) with clients, etc.), including discovery, sample delivery, management response, and remediation activities for all audits
- Works with Leidos Security team to conduct, report, and remediate findings from Intrusion Detection and other vulnerability scans
- Reviews infrastructure and application architecture for security and compliance
- Leads short-term projects that interact with multiple departmental teams
- Performs regulation and standard gap analysis and prepares audit reports
- Facilitates customer request, information gathering, and prepares response
- Develops mapping for controls to a Unified Control Framework
- Perform other duties and responsibilities as assigned
- Ability to understand weight and intent of compliance requirements to provide effective and meaningful analysis
- Must be a hands-on individual who is reliable, self-motivated, and has a can-do attitude
- Experience managing and maintaining compliance within large organizations and distributed environments
- Ability to identify technical and process design gaps and recommend appropriate remediation
- Ability to prepare compliance reports and associated metrics
- Ability to work with customer audit teams to fill information request
- Excellent negotiation and executive-level presentation skills
- Ability to multi-task and work effectively/efficiently with little direct supervision
- Excellent writing, editing, and documentation and evidence management skills
- Some travel will be required
- Must be legally eligible to work in the United States
Education and/or Experience: (includes certificate & licenses)
- Bachelors degree from an accredited college in Technology related discipline (e.g. Computer Science, Engineering, Information Systems, etc.) or equivalent experience/combined education
- 5 to 9 years working in compliance, information security, or internal audit covering one or more of the following: HIPAA, NIST 800-53, and Sarbanes-Oxley
- Required CISSP
- Preferred CISM, CRISC, or CGEIT
- Working experience with RMF and ATO and one or more of the following standards and regulations: NIST 800-53, SOX, PCI
- Experience with using security tools such as Nessus, NMAP, Rapid7, and Qualys
- Must be able to successfully pass National Agency Check with Inquiries (NACI) background investigation
This job description supersedes all prior job descriptions and is intended to describe the general content and essential requirements for the position listed above. It is not to be construed as an exhaustive statement of requirements, duties and responsibilities. Management reserves the right to add or change the duties of this position as required at any time.
QTC Management Inc. is a VEVRAA Federal contractor and an Equal Opportunity Employer. The company has an ongoing commitment to affirmative action and the creation of a workplace free of discrimination, harassment and retaliation. The company recruits, hires, trains, and promotes individuals in all job titles without regard to race, color, creed, religion, ancestry, national origin, age, sex, pregnancy, sexual orientation, gender identity, genetic information, people with disabilities protected under law, and protected veteran status.
External Referral Bonus:Ineligible
External Referral Bonus $:
Potential for Telework:No
Clearance Level Required:None
Scheduled Weekly Hours:40
Job Family:Security Architecture and Engineering
Please note that effective October 1, to enter Leidos facilities in the U.S. and to attend Leidos business events outside of our facilities, employees, vendors, subcontractors, and visitors will be required to be vaccinated or maintain proof of a weekly negative COVID-19 test. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated or able to show negative COVID-19 test results to access facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible.
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.