Description
Leidos is seeking motivated, qualified candidates for the position of InfoSec Systems Engineer. This role provides information security solutions compliant with the Risk Management Framework (RMF) and ICD 503 Security Accreditation control as part of a proactive cyber-security engineering team. As a member of the cyber-security / incident response team you will provide architecture consultation and board all engineering control gates. This role is responsible for protecting the organization's information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording and destruction. As a condition of employment, this position requires the candidate pass both a customer required medical and psychological screening.
Primary Responsibilities
Collaborating with the various customer security organizations to ensure RMF processes are followed and documented, policy is translated to operational procedures, while proper tools are leveraged in both the operational centers and throughout the field
Develop and update Assessment & Authorization (A&A) documentation (Body of Evidence) for management and continuous monitoring of information systems.
Attend weekly peer review and engineering boards as needed to provide InfoSec expertise on various topics.
Developing security policies, processes and procedures including information security operational documents, along with the verification that security policies and procedures are enforced
Apply cyber security standards, directives, guidance, and policies to an architectural framework.
Provide broad based experience in the systems engineering lifecycle and apply the experience to specific cyber security initiatives relating to architectural design and development.
Port/vulnerability scanning and analysis according to policy
Coordinate with System Administrators and other operations and engineering staff to remediate all vulnerabilities and report results to appropriate stakeholders
Track common vulnerabilities and exposures (CVE) based security threats and map to internal controls and remediation plans.
Participate in data and root cause analysis for each service impacting incident with all possible corrective actions for improvement.
Conducting security audits
Development and delivery of presentations
Security product trade studies
Basic Qualifications:
Bachelor's degree and at least 12 years of related experience or Masters with at least 10 years of prior relevant experience or 16 years of experience in lieu of degree
Clearance: Active TS/SCI with polygraph required
Currently possess DoD 8750 certification at IAT level II or higher.
Broad range of knowledge into the latest tools and techniques used to secure both IPv4 & IPv6 network
Strong oral and written communications skills
Experience with the Risk Management Framework (RMF) and ICD 503 Security Accreditation processes.
Demonstrated experience analyzing test results to develop risk/threat mitigation plans
Demonstrated experience communicating vulnerability results and risk posture to senior executives
Understanding of DoD and IC security policies and mandates
Experience coordinating with Information System Security Managers (ISSM) in testing, documenting, and achieving accreditation of systems throughout the development process, and achieving operational acceptance.
Original Posting Date:
2024-10-17
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $122,200.00 - $220,900.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.