The Leidos Cybersecurity Architecture and Engineering (CAE) organization has an immediate opening for an experienced, and motivated Network Security Engineer Sr. This role can be supported remotely or from one of the following locations: Gaithersburg, MD, Reston, VA or Orlando, FL.
As a member of the Cybersecurity Architecture and Engineering Team (CAE), the Network Security Engineer Sr. will serve as the cybersecurity subject matter expert and primary interface to the Enterprise Infrastructure (IE) Networking Organization. You will join a team of other Cybersecurity Engineers, and support the design, development, and deployment of Leidos Global Enterprise Network Security Architecture, Leidos Software Defined Datacenter (SDDC), and Infrastructure as a Service (IaaS) architectures. The role requires solid foundations in network security to include: layer 7 firewall capabilities, remote access, and the technical implementation of compliance standards. The candidate's primary responsibilities include engaging with the Enterprise Infrastructure teams to support integration or enhancements by developing cybersecurity requirements, leading discussions to ensure security objectives are met, and providing engineering support throughout the project lifecycle. The candidate will also be responsible for supporting the Leidos cyber risk assessment process to ensure Leidos' high security posture standards are met.
- Act as the technical Network Cybersecurity SME supporting Enterprise Infrastructure globally at Leidos.
- Work closely with other Cybersecurity Architects and Engineers with different areas of expertise (Application, Endpoint, Cloud, Mobile, etc.). This includes providing Network Security insight into their initiatives, and leaning on this vast pool of talent to help solve Application/Endpoint/Cloud/Mobile roadblocks within Network Security Environments.
- Take lead on security Design Engagement Reviews (DERs) for Network centric Enterprise Infrastructure Projects to include Data Center design and consolidations.
- Work with other Network Security Engineers on significant network security enhancements to include: Network Security Stack in the cloud, Web Application Firewalls (WAF), Cloud Access Security Brokers (CASB), or Secure Web Gateways (SWGs), and Software Defined Perimeter (SDP) technologies.
- Bachelor's degree and 12+ years of experience in Information Security with a real passion for the field. Additional years of relevant experience, training, and/or professional certifications will qualify in lieu of a degree.
- Must be able to obtain a Security Clearance and therefor have US citizenship. Individuals do not need to possess a clearance today.
- Must have a background in Network Security, and basic knowledge of the OSI model, TCP/IP protocols, and access fundamentals.
- Experience designing enterprise class environments to include layer 7 firewall solutions (examples include experience with Check Point, Fortinet, Juniper, Cisco or Palo Alto).
- Ability to write and verbally communicate effectively to both technical and non-technical audiences.
- A self-starter who can execute at the architect level using a combination of learned skills, personal networking, and grit to achieve objectives.
- Must have strong problem-solving and analytical skills, and demonstrate poise in communicating with non-technical audiences.
All of the below are not requirements, but would bring significant value to the team:
- Experience with a firewall policy management tool such as Tufin, Algosec or Firemon.
- Experience as a Solution Architect designing, reviewing, and securing environments.
- A fundamental understanding of Cloud IaaS/SaaS delivery models with experience in any one of the following: AWS, Microsoft, Google, or Oracle clouds. This will set the foundation for what it takes to design access controls to Enterprise IaaS/SaaS capabilities.
- Experience designing, deploying or maintaining enterprise class IDS/IPS solutions such as SNORT, Suricata, Cisco FirePower, or McAfee Intrushield.
- Previous experience with Web Application Firewalls (WAF), Cloud Access Security Brokers (CASB), or Secure Web Gateways (SWGs), Software Defined Perimeter (SDP), or Secure Access Service Edge (SASE) technologies. Examples include technologies like zScaler, SkyHigh, Netskope, or Palo Alto Prisma to name a few.
- Previous experience with Remote Access capabilities to include Virtual Private Network (VPN) tooling as well as Zero Trust Network Access (ZTNA) solutions which grant secure access to Leidos remote endpoints, application APIs, and services.
- Possess one of the following certifications: Palo Alto Certifications, Juniper Certification, Cisco Certifications (CCNA, CCNP, CCIE), Check Point Certifications, SANS Certifications (GIAC, etc), RedHat Certifications.
Pay Range:Pay Range $113,100.00 - $174,000.00 - $234,900.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 46,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $14.4 billion for the fiscal year ended December 30, 2022. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.