Senior Cyber Security Engineer
Leidos
- Falls Church, VA
- Permanent
- Full-time
- Review and ensure compliance with customer security policies and requirements.
- Review new and existing system designs for compliance with security standards and best practices.
- Conduct vulnerability assessments and security scans on both systems and networks to identify and mitigate security vulnerabilities.
- Remediation and mitigation of identified vulnerabilities by developing plan of action and milestones (POA&Ms).
- Analyze and mitigate network-related risks.
- Manage and review security logs and taking required actions.
- Lead system and application architects through security acceptance testing.
- Provide architectural and technical guidance and recommendations for securing systems and networks.
- Implement securing and hardening recommendations.
- Implement an information security framework.
- Produce threat reports.
- Document and communicate security policy to enterprise organizations and gain organization commitment for security plans.
- Conduct research on emerging technologies in support of enterprise operations. Ensure new and existing products conform to information security policies, standards, and best practices.
- Must have an active TS/SCI with Polygraph to be considered for this role.
- Ability to satisfy a government-administered high-risk role screening.
- Bachelor’s degree in Computer Science, Information Technology, Computer Forensics, Cyber Security, Information Security System Engineering or similar field with 12+ years of experience. Additional experience may be substituted in lieu of a degree.
- Knowledge of networking environments and related technologies to include, but not limited to routing, switching, VLANs, subnets, firewalls, Windows operating systems, LINUX/UNIX-based operating systems, common networking protocols, and common enterprise technologies.
- Understanding of IT security principals, technologies, best practices to include logical access control, PKI and other encryption methods, network-based and host-based IDS/IPS, security configuration baselines, auditing, vulnerability discovery, and management.
- Experience with scanning and elevation tools (Nessus, Retina, Wireshark, NMAP, etc.).
- Experience successfully implementing advanced cyber security technologies in a complex environment.
- Experience developing and implementing information security controls, procedures, and documentation for the operations of systems.
- Experience accrediting systems following the Risk Management Framework.
- Experience documenting systems' adherence to NIST Special Publication 800-53, Security and Privacy Controls for Information Systems and Organizations.
- Experience with ongoing Authorizations and Assessments (A&A) and continuous monitoring.
- In-depth technical experience with network infrastructure, operating systems, database, and web applications.
- Demonstrated experience in testing and implementing network vulnerability and protection.
- Senior-level knowledge of information security concepts, policy frameworks, and best practices.
- Must be highly organized and self-motivated with excellent documentation skills and the ability to work with minimal supervision. Candidate should be able to communicate effectively with customers and team members at all levels.
- Information Assurance Certifications (i.e., CISSP, CISA, GIAC, Security +, Certified Ethnical Hacker, etc.)
- CISCO CCNA, CCNP or CCIE certified.
- In-depth knowledge of Linux operating system variants.
- Knowledge of scripting language (Perl and/or Bash).
- Experience with CISCO and Juniper Networks.
- Knowledge of Agile development using SAFe
- Experience using Atlassian tool suite to include JIRA and Confluence to track activities and knowledge management documentation.