Cybersecurity Engineer Network ( R-00082303 )
Leidos currently has an immediate opening for a Cybersecurity Engineer with a networking background, supporting multiple US Navy programs located Bethesda, MD. Leidos’ High Fidelity Simulation Business Area is responsible for architecting and implementing large-scale System of Systems solutions in support of world class simulation, training, and analysis products for the US Navy. You will get to work with state-of-the art technology developing the most sophisticated and “game changing” trainers the US Navy deploys. You will be part of a brilliant team, in a constant learning environment, on a long running program, performing work that has a major impact, with access to additional pay options. This position requires US citizenship and the ability to obtain a DoD Secret security clearance.
This position is part of the HFS cyber security team, and is responsible for maintaining and improving the security posture for the information systems that support the development and fielding of a variety of US Naval training systems. Candidate will perform at least the following tasks:
• Develop, manage, administer, and troubleshoot unclassified and classified networks.
• Develop, manage, and administer information assurance policies and procedures associated with networking.
• Be responsible for developing and maintaining all necessary documentation, policies, and procedures, providing direct end-user support as needed, and providing subject-matter expert assistance to other related projects as needed.
• Maintain up-to-date awareness of current and future trends, threats and vulnerabilities to existing and new technologies. Candidate should be current on all areas of Cybersecurity.
• Be thoroughly familiar with a variety of concepts, practices, and procedures associated with networking both Linux and Microsoft based servers.
• Have solid LAN/WAN knowledge and knowledge of DoD IT security requirements, including: DSS/NISPOM Compliance, DoD/Navy Policy Compliance, system auditing and log reviews, defense-in-depth strategies, system patching and remediation, and network-based/host-based vulnerability assessment.
• Perform regular audits of network devices, including review of system audit logs, verification and maintenance of regular backups of the network configuration, and inventorying of network components. Ensure that system recovery processes are monitored and tested to ensure that all network components are able to be restored. Perform patch management of all networks within the facility. Ensure that each IS’s Configuration Management Plan is maintained, audited, and updated regularly in regards to networking.
• Maintain Network Access Control Management, audit network logs, and ensure that unauthorized personnel are not granted use of, or access to, any network within the facility.
• Assist the Information System Security Manager (ISSM) in the management of networks, and maintain security posture through entire lifecycle and adherence to the Risk Management Framework. Ensure the implementation of security measures in accordance with the SSP and ISSM’s guidance.
• Perform periodic Risk Assessments of the networks and identify and document any unique threats to them. Develop and perform regular vulnerability and security posture tests of the network, as required by the Security Control Assessor (SCA) and ISSM.
• Assist with the evaluation of changes or additions to the network within the facility, work with the ISSM to determine security relevance, and make recommendations for approval or denial to the ISSM.
• Assist the Facility Security Officer (FSO) with periodic inventories.
• Provide general technical support to users and general system administrator support.
• BA/BS degree. Select certifications may be substituted for the education requirement. Candidate must be 8570.1M / 8140 compliant with certifications of Security+, SSCP, or CISSP as well as Network+, or CCNA (or better).
• Must have 4+ years of work experience, in part supporting Cisco IOS and NXOS switches, routers, and ASA firewalls
• Must have past experience with, and demonstrate the skills and capabilities to successfully execute the duties and responsibilities of this position
• Must have direct experience with maintaining and troubleshooting network hardware, and be familiar with virtualization using KVM and SLiRP
• Must be a flexible, positive and energetic team player; be able to work in a fast paced environment; adapt to changes tasking; and be able to work with minimal supervision
• Linux script development
• Familiarity with Jira, Confluence, Portfolio, and Service Desk platforms.
• Experience with GDMS encryption devices such as the TACLANE family of devices, VIPER phones, and key fill devices.
External Referral EligiblePay Range: