Job was saved successfully.
Job was removed from Saved Jobs.

Job Details


Security Engineer ( R-00082076-OTHLOC-PL-2D0468 )

Law Enforcement and Security

Diplomatic Security

Yearly

No

Chantilly, Virginia, United States

Description

Job Description:

Leidos is looking for a Senior IT Security Engineer to provide leadership on a mission-critical program portfolio. The individual will oversee security compliance and processes, for a portfolio of applications. The individual will ensure that critical security functions such as Authorization To Operate (ATO), control gates, and related tasks and deliverables are completed successfully and on-schedule.

Primary responsibilities:

  • Demonstrating hands on experience with operating IT security / Information Assurance solutions in the context of Federal IT Security regulations and guidance such as NIST 800-53, NIST 800-37 and FIPS 199
  • Supporting the adoption and/or implementation of Federal and national security and compliance standards and/or guidance.
  • Providing support to programming code reviews, determining system performance specifications, identifying and resolving interoperability problems, developing requirements, determining parameters, and resolving conflicts between disparate technologies as they arise.
  • Providing potential solutions to remediate issues while allowing systems to remain operational and compliant in a mission-first environment
  • Contribute to and be responsible for parts of cross-functional oversight for the development of new products and enhancements, and ensure best practices are being followed.
  • Perform security and compliance analysis and activities, across products and/or teams within a portfolio, including requirements analysis
  • Lead security and compliance assessments and evaluations pertaining to specific application and subsystems.
  • Executing tasks, monitoring product delivery and work assignments.
  • Develop and provide metrics and reporting to demonstrate application compliance.
  • Perform vulnerability assessment and development and track mitigations.
  • Assist portfolio management with technical direction and prioritization of the development backlog
  • Ability to manage multiple high visibility security projects and adjust to quick shifts in customer priorities while meeting all mission requirements.
  • Provide mentoring and training to other team members on security guidance, technologies and processes.
  • Supporting development and maintenance of applicable Continuity of Operations (COOP) Plans, Business Impact Analyses (BIA), Business Continuity Plans (BCPs), and Disaster Recovery Plans (DRPs).

Basic Qualifications

  • Experience leading projects.
  • Experience in one or more of the following areas are required:
    • Demonstrated experience with NIST SP 800 series or equivalent series documents development and maintenance for information security management and risk assessment
    • Demonstrated experience supporting and securing software development projects/programs to include Agile development and DevOps/SecDevOps
    • Demonstrated experience with securing cloud services (AWS or Azure)
    • Experience defining strategic governance for security management, defining quality metrics, and implementing repeatable processes
    • Experience providing project management support, systems support, process improvement recommendations and product support documentation
  • Ability to obtain a Customs and Border Protection Public Trust suitability determination
  • U.S. Citizenship
  • Requires BS degree in IT, Computer Science, Information Systems, or a related field and at least 8+ years of prior relevant experience or Masters with 6+ years of prior relevant experience. Additional experience may be considered in lieu of degree.
  • At least five (5) years’ experience managing IT security

Preferred Qualifications

  • Experience with DHS, CBP, OIT, Border Enforcement, Cloud Services (AWS/Azure), Cloud Migration, DevOps/SecDevOps, Containerization, micro services, and Software Development
  • Candidates with strong analytical and organizational skills with excellent written and verbal communication skills
  • CASP or CSSLP
  • Experience working with information security technologies (e.g., design, encryption, data protection, privilege access, identity and access management, incident management, risk management and auditing)
  • Experience guiding peers, leaders, and decision makers on addressing complex security issues
  • Experience with scanning and elevation tools (WebInspect, Fortify, JFrog Xray, SonarCube, Nessus etc.); and GRC tools (RSA Archer)

ITI2

Pay Range: