Job was saved successfully.
Job was removed from Saved Jobs.

Job Details

Mid-level Automation Engineer ( R-00085120 )


Applications Engineer



Ashburn, Virginia, United States


Job Description:

Do you want to grow your career and be part of a team solving critical challenges that affect the world? Then Leidos is the place for you!

The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.

The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.

Leidos has an immediate need for Automation Engineer to join our CBP Team. The ideal Automation Engineer is someone who is process driven, efficient, and strives to remove tedium from daily workflows. The SOAR Developer will:

  • Author, test, and maintain automation scripts/workflows within SOAR platform

  • Design, implement, and maintain efficient and reusable Python code

  • Review, debug, and resolve technical issues throughout all stages of SDLC

  • Integrate SOAR platform with other security tools and APIs to execute automated workflows

  • Coordinate with System Administrators, Engineers, and ISSOs to provision service accounts and/or grant required permissions

  • Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions

  • Measure effectiveness of process improvement and automation efforts via metrics and KPIs

The ideal candidate will have the following qualifications:

  • Have expert proficiency with Python

  • Working knowledge of SOAP/REST APIs, JSON, HTML/CSS, Javascript, XML

  • Experience with SOAR platforms such as Swimlane, Phantom, Demisto, etc

  • Experience as a SOC Analyst and/or Incident Responder

  • Authored SOC SOPs, playbooks, work instructions and/or other process documents

  • Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)

  • General networking knowledge to include operation of routers, firewalls, DNS, DHCP, subnetting, VPN and Web Proxies

Basic Qualifications:

  • All CBP personnel must have a current or be able to favorably pass a 5 year background investigation (BI).

  • BS degree in Science, Technology, Engineering, Math or related field and 8 years of prior relevant experience with a focus on Cyber security

  • Should have 2 years of experience serving as a SOC Analyst or Incident Responder

  • Ability to work independently with minimal direction; self-starter/self-motivated

Must have one of the following certifications:

CompTIA Advanced Security Practitioner (CASP)

CompTIA Security+

GCIH – Incident Handler

GCED – Enterprise Defender

GMON – Continuous Monitoring Certification

CISSP – Certified Information Systems Security

CEH – Certified Ethical Hacker

Pay Range:Pay Range $94,250.00 - $145,000.00 - $195,750.00