Cyber Security/InfoSec Engineer ( R-00072122 )
Leidos is seeking a Cyber Security InfoSec Engineer will provide support for a 150+ FTE technical development program supporting the Sponsor’s Entitlement Programs as well as IdAM /ICAM, Authentication, Authorization, Attributes and Digital Policy Management. This position is located in the Reston, VA area and requires an active TS/SCI with Polygraph in order to be considered.
The Cyber Security Engineer will target, assess, exploit, and report risks and vulnerabilities of information systems to provide senior decision makers with actionable data. Cyber Security Engineers are responsible for IT security/vulnerability assessments and managing overall network security using network and security-related hardware and software.
Identify and define applicable security controls and responses for the project.
Review responses, enter responses into the cyber risk management platform, and update risks.
Identify common controls and draft common control language for the cyber risk management platform.
Perform security maintenance duties, such as performing analyses of vulnerabilities and providing recommended resolutions.
Maintain awareness of system level changes, ensure proper patch levels, and upload cyclic scans to the appropriate repositories.
Achieve and maintain system accreditation, including providing guidance, plans, and evidence and maintaining documentation.
Perform regular reviews, such as audits, and review security test results.
Participate in or lead technical exchange meetings and application review boards and document action items and results.
Brief management on status.
Requires BS degree and 12-15 years of prior relevant experience or Masters with 10+ years of prior relevant experience, additional years of experience in lieu of degree.
Prior experience with programs of similar size and complexity.
Demonstrated work experience in cyber security or related IT field.
Demonstrated experience performing complex technical tasks with minimal direction.
Demonstrated experience designing, testing, or implementing IT security architecture.
Demonstrated experience performing network security analysis.
Demonstrated experience developing risk management methodologies.
Demonstrated experience analyzing test results to develop risk/threat mitigation plans.
Demonstrated experience communicating vulnerability results and risk posture to senior executives.
Certified Information Systems Security Professional (CISSP).
Experience with the Sponsor’s entitlement management programs.
PMP, SAFe Agilist Certification, AWS certification.