nCyber Security Engineer / Information Systems Security Engineer

Nabout Leidos
31 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 195K

Job location

Tech stack

Microsoft Windows
Agile Methodologies
JIRA
Burp Suite
Configuration Management
Information Systems
Linux
Elasticsearch
Pcap
Windows Server
Red Hat Enterprise Linux - RHEL
Logstash
Security Information and Event Management
Software Engineering
Backend
Integration Tests
Kibana
Splunk

Requirements

You bring deep technical expertise, strong security engineering instincts, and the ability to lead complex accreditation efforts.\n \n \n

  • Active DoD TS/SCI clearance\n
  • Current DoD 8140-compliant security certification; ability to obtain CE certification within 6 months\n
  • 10+ years of experience in software engineering, system design, configuration management, integration testing, or information system engineering\n
  • 5+ years of experience in system security analysis, secure system design, or protocol/interface standards\n
  • Experience with Assessment & Authorization (A&A) for multiple security applications\n
  • Experience preparing SSPs, risk assessments, SOPs, and contingency plans\n
  • Demonstrated experience creating and validating RMF security control evidence\n
  • Experience hardening Windows and Linux systems (ports, protocols, security groups, patching)\n
  • Working knowledge of RHEL 9 and Windows Server 2019/2022\n
  • Ability to work in an Agile environment using sprints and Jira boards\n
  • Experience applying Agile methodologies to security engineering workflows\n
  • Proficiency with enterprise scanning tools such as Tenable, Burp Suite, Defender for Endpoint, ACAS, ESS, and Tanium\n
  • Strong communication skills for both technical and non-technical audiences\n
  • Ability to manage multiple tasks in a dynamic environment\n, * Experience with Security Onion\n
  • Familiarity with back-end security analysis tools such as Suricata, Yara, Sigma, Elasticsearch, Logstash, Kibana, Elastic Fleet, PCAP, OSquery, and Zeek\n
  • Experience with Splunk, Elasticsearch SIEM, and SOAR platforms\n

Benefits & conditions

n\ud83d\ude80 Cyber Security Engineer / ISSE - Lead Security Engineering for Mission-Critical Systems\n \n Leidos is seeking a \nCyber Security Engineer / Information Systems Security Engineer (ISSE) to support a high-visibility, mission-essential enterprise program. In this role, you'll apply deep security engineering expertise to design, assess, and harden complex systems while guiding them through the full \nRisk Management Framework (RMF) lifecycle. If you thrive at the intersection of technical engineering, cybersecurity strategy, and accreditation excellence, this is where your impact will be felt immediately.\n \n You'll collaborate with accreditation authorities, system owners, and engineering teams to ensure systems achieve and maintain \nAuthorization to Operate (ATO) while meeting the highest security standards.\n \n \n\ud83c\udf10 What You'll Do\n \n As a senior security engineer, you'll shape the security posture of mission-critical applications and lead the engineering of RMF artifacts across a large-scale enterprise environment.\n \n \nYour responsibilities include:\n \n \n \n

  • Supporting mission-critical applications through the full ATO lifecycle in alignment with customer security policies\n
  • Leading security engineering efforts and contributing to system design with a focus on secure architecture\n
  • Ensuring ATO packages adhere to RMF and DoD security guidelines by working closely with technical leads, developers, and system owners\n
  • Providing expert ISSE guidance across engineering tasks and projects\n
  • Defining system functions, information types, operating environments, and security requirements\n
  • Producing security artifacts and evidence for RMF control validation\n
  • Reviewing and tailoring security controls to ensure adequate protection\n
  • Determining assurance measures to meet system assurance requirements\n
  • Designing and implementing security controls and best practices, including Zero Trust Architecture\n
  • Conducting A&A activities and coordinating with DAO representatives and security teams\n
  • Creating and updating RMF documentation and artifacts in eMASS\n
  • Reviewing system audit logs and taking corrective action when needed\n
  • Performing security monitoring, audits, and control assessments using enterprise tool suites\n
  • Delivering technical briefings and TEMs to communicate security concepts to non-technical stakeholders\n
  • Developing security assessment criteria to ensure development teams meet A&A requirements\n
  • Ensuring compliance with encryption standards and secure communications\n
  • Staying ahead of emerging security trends and technologies to support future mission needs\n
  • Mentoring team members and supporting project execution across the security engineering team\n

Apply for this position