03 Sep
LEAF Security Engineer
West Virginia, Morgantown , 26501 Morgantown USA

Vacancy expired!

Description Job Description:Job DescriptionThe Office of Technology (OOT) at Leidos has an immediate opening for a Security Engineer to help us shape, develop, and deliver new software solutions leveraging state-of-the art technologies to our customers and launch new products and capabilities. The successful candidate will be organized, diligent and able to work successfully individually and in teams. The security engineer will provide security engineering support in accordance with Leidos and customer security mandates, policies, standards, and procedures. This includes security services components as they apply to hardware and software. The security engineer will provide security engineering support to: develop and maintain a flexible security architecture; provide protection from unauthorized use of, or access to, the networked assets; and protect all data residing on the network from intrusion, destruction, or compromise. You will work with internal and external stockholders to design, build, secure, harden and deploy complex enterprise microservice based solutions.Primary ResponsibilitiesAssess the current security architecture and deliver improvement recommendations.Develop and deliver plans that improve security to physical and logical devices connected to the network.Develop and deliver recommendations for security assets refresh or upgrade on an annual basis.Develop and deliver recommendations for improved network security.Develop and deliver recommendations for policies to improve security vulnerability and penetration testing.Develop and deliver plans for Security Services asset updates or patches.Design, test, and support implementation of the approved security architecture improvements.Design and support implementation of monitoring and managing access plans.Design, test, and support implementation of plans to secure network attached devices.Design and support implementation of approved recommendations for improving network security.Design and support implementation of approved policies for security vulnerability and penetration testing.Design, drive, and conduct security vulnerability scanning and remediation activities.Design, test, and support implementation of updates or patches approved for security services assets.Develop a familiarity with all necessary families of controls and security policiesCreate and maintain Monitoring schedules of the Cloud Environments using external tools such as Trend Micro Deep Security and Qualys Vulnerability Management Platforms.Assist in the building and securing architectures in Amazon Web Services (AWS) utilizing services such as EC2, Identity and Access Management (IAM), and Amazon's Elastic Kubernetes Service (EKS)Provide security guidance and interpretation of DISA STIGs and CIS Hardening Guides for implementing development and testing infrastructure securely utilizing technologies such as Docker, Kubernetes, and Amazon Web Services (AWS)Basic QualificationsBS and 4 - 8 years of prior relevant experience or Masters with 2 - 6 years of prior relevant experience. Experience may be substituted in lieu of degree.Must be able to obtain a DoD Secret Security ClearanceAbility to complete tasking independently with minimal direct supervisionAbility to work and collaborate effectively within a multi-disciplined engineering team.Demonstrated proficiency with Unix shell scriptingDemonstrated proficiency in at least one high-level programming language (Java, C#, Go, Python)Demonstrated proficiency with NIST 800-171 Family of ControlsDemonstrated proficiency with NIST 800-53 Family of ControlsDemonstrated proficiency with FedRAMP Security Policies & RequirementsDemonstrated proficiency with at least one Code Analysis tool (Findbugs, Coverity, HP Fortify, OWASP Dependency Check, etc.)Demonstrated proficiency with at least one Penetration Testing tool (Wireshark, nmap, Kali Linux)Demonstrated proficiency with multiple operating systems (Mac OSX, Windows, and LINUX)Preferred QualificationsExperience working with a version control system (e.g., Git)Experience working with CI/CD processes and tools (Jenkins)Experience working with virtualization technologies (VMWare and VirtualBox)Experience working with the Atlassian toolsetExperience working with AWSExperience working with AzureExperience working with Trend MicroExperience working with OWASP Dependency Check and/or Dependency TrackExperience working with containers and container orchestration tools such as KubernetesExperience with DFARS protocolsExperience working with HIPAA Security RulesExperience with HiTrust qualificationsExperience with FISMA qualificationsExperience developing and maintaining policies and plans such as: Information Security Policies (ISPs), System Security Plans (SSPs), Business Continuity and Disaster Recovery (BCDR) plans, etc.Experience with tools such as SPAWAR's SCAP Compliance Checker and OpenSCAPExperience performing security audits and assessmentsExperience with scanning systems for patch compliance using tools such as ACAS/NessusExternal Referral Bonus:IneligiblePotential for Telework:NoClearance Level Required:NoneTravel:NoScheduled Weekly Hours:40Shift:DayRequisition Category:ProfessionalJob Family:Security Architecture and EngineeringPay Range:

Vacancy expired!


Related jobs

Report job