Job Details
Leidos
Security Engineer
Description
Job Description:
1901 a Leidos company has an opening for a Security Engineer located in Blacksburg and Reston, Virginia. Potential for Remote.
Position Summary:
A security engineer in a 24x7 Security Operations Center responsible for assessing risk while maintaining and deploying secure solutions to protect against potential security threats and incidents.
Primary Responsibilities:
•Review existing architectures to plan, deploy, and enhance secure solutions to protect the data within the environment
•Review existing security documentation and processes to provide areas of improvement
•Provide investigation and remediation support to mitigate security threats and incidents
•Work with various teams to ensure best practices regarding information security are understood, implemented, documented as systems are migrated from different environments
•Review multiple cloud environments for weaknesses and improvements needed
•Work with the team to integrate the security toolset with other systems to automate functions for incident response
•Ensure systems adhere to relevant secure benchmarks
•Managing multiple security tools within multiple environments
•Work with the SOC and Compliance teams to ensure SSP and relevant controls are documented and updated
•Work within the team to enhance rule tuning and filtering to focus on relevant events
•Support a wide range of security tools in a multi-tenant environment
•Provide Continuous tuning of existing security tools used for monitoring and analysis of security events of interest
•Create incidents and support the investigation of such incidents to not only mitigate the current threat but also prevent future occurrence.
•Create, review, and update applicable control implementation statements within System Security Plans (SSP) with supporting statements and evidence
•Document and track status of all findings within the Plan of Action and Milestones (POA&M)
•Work closely with other teams to support the incident management process.
•Work with various groups to ensure compliance to applicable FedRAMP controls under NIST 800-53
•Stay up-to-date on the latest tools, techniques, and processes used by cyber criminals
•Be an escalation point within the team and work closely with other analysts and engineers as required
•Work with various teams to improve integration of services to the security toolset
Basic Qualifications:
•Bachelor’s Degree and 5+ years in an engineering role.
•Experienced with design, planning, and implementation of security technologies such as, but not limited to web proxies, vulnerability scanners, Endpoint Detection and Response (EDR) solutions, and Intrusion detection/prevention systems (IDS/IPS).
•Always learning new security techniques and ways to identify and prevent attacks
•Very familiar with Information Security Engineering best practices and NIST standards, such as SP 800-53, SP 800-61, and SP 800-63-3.
•Experienced with assessing security controls of cloud environments against multiple compliance frameworks.
•Must have a public trust clearance.
•Security + certification
•CISSP certification
•Ability to work independently and in a team environment
•Must be able to articulate existing or emerging security threats and vulnerability remediation
•Ability to work independently and in a team environment
•Train other SOC analysts on technical and process-related areas
•Evaluate security tools as requested
•Assist with incident response procedures
•Assigning tasks as needed to team members
•Travel to customer sites, including overnight travel
•Working various shifts as assigned
•Working overtime as assigned
•Other physical requirements (lifting, standing, walking, bending, squatting, etc.)