Information Systems Security Engineer

Core business hours for the team are from 9 AM to 3 PM daily - exceptions outside of those hours for the candidate may be negotiated in consultation with management.

The typical day for an ISSE supporting the cloud-based applications is as follows:

• The ISSE will participate in the team's regularly scheduled Agile tag up (scrum) meetings and report on the status of their assigned Jira issues
• Attend ad-hoc TEMs with the team to discuss and weigh in on numerous architectural aspects of the systems for assessing security impacts that may arise with system changes
• Assist with and/or lead security scans of the systems and report and analyze findings for impacts
• Review any security findings (CVEs) as noted by outside entities for system impact analysis and how best to proceed with addressing them
• Participate in team TEMs and review future system changes/new features for security impacts

Primary Responsibilities

• Identifying, selecting, implementing and assessing NIST SP 800-53 security and privacy controls.
• Developing, establishing and integrating secure configuration baselines per DISA STIGs and CIS benchmark guidelines
• Participate in creating secure architectures and designs
• Ensuring security requirements are integrated into the System/Software Development life cycle (SDLC).
• Performing Continuous Monitoring (ConMon) activities to support Assessment and Authorization (A&A) requirements
• Reviewing, creating and maintaining relevant Assessment and Authorization (A&A) artifacts
• Performing security analysis and monitoring of a 100 percent AWS, cloud-based system
• Performing vulnerability scanning and analysis of the system
• Perform remediation and develop security implementations based on security findings
• Interface with Information System Security Managers (ISSM) to develop and accredit the system
• Participate in or lead technical exchange meetings, document meeting outcomes as needed, and brief management

• Bachelor's degree and 8+ years of experience. Additional experience in lieu of degree.
• Active TS/SCI with Polygraph
• Other qualifications:

• Hands on experience with Linux (CLI)
• Hands on experience with scripting and programming languages like BASH and Python
• Solid understanding of, experience with networking (e.g., ports, routing tables, subnets, VPNs, firewalls, routers, etc.) to include design, integration and troubleshooting issues
• Experience in working on teams utilizing Agile workflows and processes
• Strong understanding of NIST SP 800-37, NIST SP 800-53, NIST SP 800-160, DISA/CIS STIGs, and Common Vulnerabilities and Exposures (CVEs)
• Experience with RMF workflow tools
• Strong communication, organizational, and writing skills.
• Must be able to clearly and directly articulate their findings and recommendations.
• Must be open minded to considering alternative approaches to possible security issues noted by other team members, * Relevant IT certifications (e.g., CISSP, AWS Cloud Practitioner, AWS Cloud Security, AI security, etc.)

• Experience working with Infrastructure as Code (IaC) solutions such as Ansible / Terraform, or other configuration and automation tools
• Experience in working in a cloud-based environment (AWS)

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.