As a Principal Security Architect you will be able to work with minimal direction on a range of large and small programmes that deliver IT transformation and new services capabilities. You will ensure that the solution security design meets the customer functional and non-functional security requirements and provides the necessary assurance to our client, highly likely to be backed up by rigorous accreditation and certification processes, normally HMG standards (including MOD-specific JSP) alongside ISO27001.
You will have responsibility for interfacing to security design partners across programmes, both customer and supplier representatives, and colleagues within our engineering, service, and business development teams. You will ensure that Leidos can establish and maintain an effective and efficient security architecture for a programme, and that the designs will be able to adapt as customer requirements, legislation and accreditation standards change over a programme lifespan.
Within a programme, the role will primarily be responsible to a solution architect for developing and delivering the relevant elements of a solution, whilst understanding the whole. You will be required to work in both delivery and proposal environments. You may be required to work on multiple programmes at the same time and these may include bids, implementation of new systems and transformation of existing systems.
You will have a complete understanding of cyber risk and treatment approaches. Based on a strong ability to communicate risk and its proportionate management, you will know how this issue is addressed both in traditional ‘off-cloud’ highly sensitive platforms, and naturally in cloud technologies. You will be experienced and accomplished in meeting the challenges associated with accrediting systems in public and private cloud environments.
You will be required to develop high and low level security architecture designs for systems intended for secure/sensitive environments, with appropriate security based on detailed risk analysis. SABSA qualifications and experience would be desirable.
The Leidos client base includes a number of national government departments and arms-length bodies, local authorities and providers of critical national infrastructure. We take our security obligations very seriously and will ensure there is a strong security component to all our proposals, and will be able to demonstrate a sound security operation is enabled by the solution we design for our clients. You will be required to hold security clearance under National Security Vetting and Police processes.
You may need to work on customer locations or one of our secure development locations, or a mix of both, as well as an element of working from home.
British - Non-dual national – many of our projects have nationality restrictions.
SC cleared – Candidates should have or be willing to undergo SC, and if required, DV clearance.
Eligible for Non-personnel Police Vetting level 3 standard (NPPV3)
- Experience of a taking a defence in depth and multi layered approach to security architecture
- Experience of applying commensurate detective and protective security controls to reduce risk to an acceptable level
- Understanding of the controlling processes for, and experience of a significant portion of, the systems engineering lifecycle (e.g. requirements management, configuration management)
- Understanding of different lifecycles/methodologies (waterfall, incremental, agile, DevOps)
- Experience of the key engineering lifecycle reviews – e.g. System Requirements Review (SRR), Critical Design Review (CDR)
- Experience in performing design trade off working with other architects and engineers to deliver an integrated and coherent solution
- Understanding of service operations and security operational management planning
- Experience working in both delivery and proposal environments
- Experience of Defence Digital and relevant solutions and approaches across MOD
- Excellent understanding of Confidentiality, Integrity and Availability (CIA) and practical experience in applying that
- Experience in defining derived security requirements for a system, and managing traceability
- Experience of gaining and maintaining accreditation for secure/sensitive systems
- Experience in producing security documentation sets (such as SyOPS, RMADs, Security Management Plan, ISMS and DART submissions)
- Understanding of the implementation, operation and maintenance of SIEM products
- Understanding of network and boundary protection technologies (firewalls, mail gateways, load balancers, anti-virus)
- Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc)
- Understanding of security infrastructure in Public and Private cloud, e.g. virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions
- The ideal candidate will hold CISSP certification in addition to SABSA qualification
Communication and Soft Skills
- Excellent verbal and written communication skills and works well in a team environment
- Capable of developing and communicating a vision to meet the System Requirements
- Ability to communicate complex technical ideas across a wide range of different audiences
- A good level of commercial awareness that will support the bid and delivery environments
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.