IT Security Engineer

• Research and analyze cyber threat trends, vulnerabilities, and exploits to proactively identify risks to critical mission systems.
• Design and implement defensive cyber security solutions to protect data, networks, and applications from unauthorized access, modification, or destruction.
• Perform vulnerability assessments, penetration testing, fuzzing, and malware analysis to detect and mitigate potential security risks.
• Secure development environments by implementing application security architecture and conducting evaluations of software for security compliance.
• Collaborate with development, IT, and operations teams to integrate security into the software development life cycle (SDLC) and CI/CD pipelines.
• Identify, detect, and respond to cyber attacks and incidents, including investigation and remediation efforts.
• Ensure cyber solutions comply with relevant standards, frameworks, and regulatory requirements.
• Maintain up-to-date documentation of security architecture, findings, and mitigation strategies.

• TS/SCI w/ Poly Clearance is required
• Bachelor’s degree in Computer Science, Cybersecurity, Software Engineering, or a related technical field with 8+ years of relevant experience, or equivalent combination of education, certifications, and experience.
• Proven experience in application development, using programming and scripting languages such as Python, C/C++, Assembly, or Java.
• Demonstrated proficiency in both offensive and defensive cybersecurity.
• Experience with vulnerability research, reverse engineering, and malware analysis.
• Knowledge of code analysis, code manipulation, and payload development.
• Knowledge of defensive tool development, threat detection, and incident response
• Working knowledge of web application vulnerability assessment, penetration testing, and fuzzing techniques.
• Experience conducting cyber threat intelligence research to stay informed on emerging technologies and threat trends.
• Familiarity with secure software development practices, application security architecture, and development environment hardening.
• Strong analytical and problem-solving skills with the ability to independently develop innovative technical solutions.
• Experience working in high-impact environments, leading technical projects or mentoring junior staff.

• Industry certifications such as OSCP, OSCE, GREM, GPEN, CISSP, or CEH.
• Experience with reverse engineering tools and platforms such as IDA Pro, Ghidra, Radare2, or x64dbg.
• Proficiency in scripting languages for automation and exploit development (e.g., Bash, PowerShell, Ruby, or Perl).
• Experience with threat emulation, red/blue team operations, or offensive cyber tool development.
• Familiarity with cyber research methodologies, proof-of-concept development, and technical documentation.
• Understanding of advanced persistent threats (APTs) and nation-state level cyber tactics.
• Experience in environments requiring compliance with frameworks such as RMF, NIST 800-53, or STIGs.
• Prior experience supporting DoD, federal agencies, or other classified environments.

Leidos