Security Engineer ( R-00079329 )
Leidos is seeking a talented Senior Security Engineer to join our team to support a federal customer within the Department of Homeland Security (DHS) Enterprise Security Operations Center (ESOC). The Senior Security Engineer provides support across the security boundaries focusing on supporting the ESOC Operations mission. The Senior Security Engineer will support the information security team to offer support to security tools and technologies by engaging in the full security engineering life cycle, including requirements analysis, design, development, integration, testing, documentation, and implementation following defined security best practices and standards. This role will engage in infrastructure solution design and architecture, information assurance, advisory, compliance, and risk management support.
Collaborate with the information security and assessors team to support security tools and technologies such as network threat analysis tools, Endpoint detection and response, vulnerability management, threat intelligence and other security tools.
Support the modernization of Security Architectures to Zero Trust and TIC 3.0 by using modern cloud security tools.
Implement and troubleshoot Network Security tools such as Tanium, McAfee, ForeScout, FireEye, SourceFire and Suricata.
Operationalize, administer and maintain the Tanium Platform.
Manage multiple assignments, changing priorities, and work independently with little oversight.
Work closely with senior engineers, other team members and application owners to solve technical problems at the network, system, and application levels.
Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required.
Perform hardware and software installations, integration, upgrades, and maintenance of tools distributed throughout the datacenters.
Provide follow-up reports for technical findings, feedback, and resolution steps taken for Root Cause Analysis, engineering technical assessment and process improvement initiatives.
Communicate with the project manager on a frequent basis. Identify tasks and issues that may have an impact on service levels or schedules.
Must have a current TS/SCI clearance.
Bachelor's degree in a related field, including Computer Science, Cyber Security or Information Security.
A minimum of 7 years of experience as a Security Engineer with a concentration in Cybersecurity.
A minimum of 7 years of hands-on experience performing the following responsibilities:
Implementing security measures that effectively safeguard sensitive data in the event of a cyber-attack.
Developing and supporting network security solutions and providing guidance on vulnerabilities or potential vulnerabilities within the enterprise architecture.
Hands-on experience with Tanium, Gigamon, Suricata, SourceFire, FireEye, ePO, and other network and endpoint security tools.
Experience with the following security technologies: IPS/IDS, Firewalls, Proxies and reverse proxies, DNS servers, Anti-virus/Anti-malware tools, Endpoint detection and response tools, vulnerability and asset management tools.
5 years of experience in Systems Administration/Engineering.
Highly skilled in Linux-related scripting (Bash, Perl, Python, etc.).
React to and initiate corrective action regarding security violations, attempts to gain unauthorized access, malware and virus infections that may affect the network, or any other event affecting security.
Identify security risks, threat vectors, vulnerabilities of networks, systems, applications, and new technology initiatives.
Experience with application content updates like AV signatures, NIPS signatures, threat intelligence.
Work with developers, IT management, and other business stakeholders to gain an understanding of business security requirements for critical systems and sensitive data.
Communicate security vulnerability reports and trends to ensure appropriate corrective action is taken.
Develop, implement, communicate, and enforce security policies and/or processes for data, software applications, and cloud infrastructure.
Strong technical, analytical, and interpersonal skills. Self-motivation and ability to work independently.
Superior attention to detail with excellent written and verbal communication, problem solving, researching and follow-up skills.
Department of Homeland Security NOSC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
Candidate must, at a minimum, hold one of these certifications: CISSP, CCSP, CCNP, CCIE Security, CEH, MCSE, CompTIA Security+, GCIH, GPEN, OSCP, OSCE.
Knowledge of SIEM tools such as Splunk.
Experience working in AWS and Azure.
Experience developing in Bash, Python, and YAML.
Experience working with SIEM tools such as Splunk.
Knowledge of CASB or Zscaler is a plus.