Cyber Security Engineer-Technical Lead
Role details
Job location
Tech stack
Job description
Leidos has an exciting opportunity for Cyber Security Engineer-Technical Lead in our Intel Security Sector's Analysis Solutions Business Area. Our talented team is at the forefront in Security Engineering, Computer Network Operations (CNO), Mission Software, Analytical Methods and Modeling, Signals Intelligence (SIGINT), and Cryptographic Key Management. At Leidos, we offer competitive benefits, including Paid Time Off, 11 paid Holidays, 401K with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, and much more. Join us and make a difference in National Security!, This role is responsible for protecting the customer's information systems and networks from potential cyber-attacks. The Cyber Security Engineer- Technical Lead will serve in a hands-on "player-coach" capacity, dedicating approximately 75% of time to direct technical engineering, troubleshooting, and implementation work, while providing technical leadership and coordination across the security team. The candidate must display an excellent understanding of technology and utilization of Firewalls (Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web-Proxy, Security tools, and Security Audits. Candidate will work directly with Team leads, developers, operations personnel, and other Technical Leads throughout a DevSecOps life cycle both on policy and technical implementation of technologies. This is not a supervisory management role. Success in this position is measured by individual technical contribution and resolution of complex security issues, in addition to technical leadership impact., * Plan, implement, manage, monitor, and upgrade security controls and tools used to protect enterprise systems and networks, while identifying opportunities to automate repeatable operations tasks.
- Design, configure, implement, troubleshoot, and maintain security technologies such as firewalls (security groups), endpoint protection tools (HBSS/Trellix), SIEM platforms (Splunk),
- Formulate systems and methodologies as well as respond to security related events and assist in remediation efforts of cyber security incidents (system and/or network breaches, malware attacks)
- Participate in change management processes to ensure system changes maintain security compliance and do not introduce new vulnerabilities.
- Conduct routine vulnerability scanning and assessment activities, provide formal and informal reports to technical teams, and track remediation efforts to closure.
- Provide technical leadership and subject matter expertise to the security engineering team while coordinating with peer Technical Leads across infrastructure and application domains to ensure alignment of architecture and security controls.
- Serve as the primary technical escalation point for complex or cross-domain security issues while mentoring junior engineers through collaborative troubleshooting and hands-on technical guidance.
Requirements
- Experience implementing and managing Security Information and Event Management (SIEM) tools such as Splunk or similar platforms.
- Experience working with endpoint and network security technologies, including IDS/IPS, HBSS/Trellix, and related defensive security tools.
- Expert with automation (e.g., Ansible, CloudFormation)
- Demonstrated history of personally implementing, troubleshooting, and maintaining security technologies in production environments.
- Proven ability to balance technical leadership responsibilities with significant hands-on engineering work. Strong attention to detail with analytical mind outstanding problem-solving skills
- Monitor security advisories, bulletins, and industry threat intelligence to stay informed of current vulnerabilities, threats, and trends.
- Requires Master's degree and 15 or more years of prior relevant experience. Additional years of experience may be substituted in lieu of a degree. To be considered, you must have an active TS/SCI with polygraph security clearance, * Experience with additional security tools and processes such as IDS/IPS, VPN, GitHub, GitLab, SonarQube
- Experience with implementing and managing network and application firewalls, virtual private networks, firewalls, web protocols, incident detection, incident response, and forensics activities,
- Experience with Agile software development processes/environments, scripting /programming languages such as Python or PowerShell. (e.g., React), DevOpsSec pipelines and tools
- Familiar with Cloud Computing Technologies and Services (AWS, Oracle, Google)
- Knowledge of potential attack vectors such as XSS, injection, hijacking and social engineering
- Experience with health monitoring tools (SolarWinds) and using STIG viewers/tools to assess compliance with standards
- Experience with database systems, search engines, web applications, Linux Red Hat environments, Windows environment
Benefits & conditions
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .
