Information Systems Security Engineer

Linux DevOps Ansible Firewall NIST 800 Equities Scripting Terraform Automation Subnetwork Market Data NIST 800-37 NIST 800-53 AI Security Open Mindset Communication Routing Table Cloud Security System Software Network Routing Ancient History Network Security Agile Methodology Security Analysis Workflow Management Amazon Web Services Cloud Infrastructure Technological Change Programming Languages Continuous Monitoring Vulnerability Scanning Command-Line Interface Database Administration Security Implementation Bash (Scripting Language) Assessment And Authorization Information Systems Security Scrum (Software Development) Infrastructure as Code (IaC) Security Requirements Analysis Virtual Private Networks (VPN) Systems Development Life Cycle Software Development Life Cycle AWS Certified Cloud Practitioner Troubleshooting (Problem Solving) Certified Information Systems Security Professional Top Secret-Sensitive Compartmented Information (TS/SCI Clearance), Leidos is seeking an Information Systems Security Engineer (ISSE) for a technical development program supporting cloud-based applications, and its associated cloud infrastructure located on a highly secure network. The ISSE will work with a large team of developers, system engineers, DevOps engineers, database administrators, and system architects.

Core business hours for the team are from 9 AM to 3 PM daily - exceptions outside of those hours for the candidate may be negotiated in consultation with management.

The typical day for an ISSE supporting the cloud-based applications is as follows:

• The ISSE will participate in the team's regularly scheduled Agile tag up (scrum) meetings and report on the status of their assigned Jira issues
• Attend ad-hoc TEMs with the team to discuss and weigh in on numerous architectural aspects of the systems for assessing security impacts that may arise with system changes
• Assist with and/or lead security scans of the systems and report and analyze findings for impacts
• Review any security findings (CVEs) as noted by outside entities for system impact analysis and how best to proceed with addressing them
• Participate in team TEMs and review future system changes/new features for security impacts

Primary Responsibilities

• Identifying, selecting, implementing and assessing NIST SP 800-53 security and privacy controls.
• Developing, establishing and integrating secure configuration baselines per DISA STIGs and CIS benchmark guidelines
• Participate in creating secure architectures and designs
• Ensuring security requirements are integrated into the System/Software Development life cycle (SDLC).
• Performing Continuous Monitoring (ConMon) activities to support Assessment and Authorization (A&A) requirements
• Reviewing, creating and maintaining relevant Assessment and Authorization (A&A) artifacts
• Performing security analysis and monitoring of a 100 percent AWS, cloud-based system
• Performing vulnerability scanning and analysis of the system
• Perform remediation and develop security implementations based on security findings
• Interface with Information System Security Managers (ISSM) to develop and accredit the system
• Participate in or lead technical exchange meetings, document meeting outcomes as needed, and brief management, All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. Related Jobs SME Cybersecurity Systems Engineer Leidos Gaithersburg, MD*On-Site Auditing Equities Analytics Scalability Market Data Data Storage Promulgation Data Analysis Cyber Defense Cyber Security Team Leadership Ancient History Computer Science Machine Learning Product Planning Security Controls Technical Standard Security Strategies Systems Engineering Information Systems User Interface (UI) GIAC Certifications User Experience (UX) Systems Architecture Information Assurance Continuous Monitoring Cyber Security Systems Artificial Intelligence Security Implementation IT Security Architecture Site Reliability Engineering Continuous Improvement Process Milestones (Project Management) Model Based Systems Engineering GIAC Certified Intrusion Analyst GIAC Certified Forensics Analyst Artificial Intelligence Infrastructure Application Programming Interface (API) Counter Intelligence Polygraph (CI Clearance) CompTIA Advanced Security Practitioner (CASP+) Security Information And Event Management (SIEM) Certified Information Systems Security Professional Top Secret-Sensitive Compartmented Information (TS/SCI Clearance) +0

Google Cybersecurity Senior Information Security Engineer Leidos Chantilly, VA*On-Site JIRA Linux DevOps Ansible Firewall NIST 800 Equities Scripting Terraform Automation Subnetwork Market Data NIST 800-37 NIST 800-53 AI Security Open Mindset Communication Routing Table Cloud Security System Software Network Routing Ancient History Network Security Agile Methodology Security Analysis Workflow Management Amazon Web Services Cloud Infrastructure Technological Change Programming Languages Continuous Monitoring Vulnerability Scanning Command-Line Interface Database Administration Security Implementation Bash (Scripting Language) Assessment And Authorization Information Systems Security Scrum (Software Development) Infrastructure as Code (IaC) Security Requirements Analysis Virtual Private Networks (VPN) Systems Development Life Cycle Software Development Life Cycle AWS Certified Cloud Practitioner Troubleshooting (Problem Solving) Certified Information Systems Security Professional Top Secret-Sensitive Compartmented Information (TS/SCI Clearance) +0

Google IT Support Splunk Engineer Leidos Ashburn, VA*On-Site JIRA Linux Splunk Editing Ansible Equities Dashboard Scripting Leadership Management Automation ServiceNow Market Data RESTful API Self-Starter Microsoft 365 Cyber Security Prioritization Cloud Services Cloud Security Problem Solving Ancient History CompTIA Security+ Cyber Engineering Windows PowerShell Wide Area Networks Workflow Management Systems Engineering Amazon Web Services Integration Testing Information Systems Local Area Networks Regular Expressions Enterprise Security Atlassian Confluence Business Intelligence Requirements Analysis Information Technology Configuration Management

• Bachelor's degree and 12+ years of experience. Additional experience in lieu of degree.
• Active TS/SCI with Polygraph
• Other qualifications:

• Hands on experience with Linux (CLI)
• Hands on experience with scripting and programming languages like BASH and Python
• Solid understanding of, experience with networking (e.g., ports, routing tables, subnets, VPNs, firewalls, routers, etc.) to include design, integration and troubleshooting issues
• Experience in working on teams utilizing Agile workflows and processes
• Strong understanding of NIST SP 800-37, NIST SP 800-53, NIST SP 800-160, DISA/CIS STIGs, and Common Vulnerabilities and Exposures (CVEs)
• Experience with RMF workflow tools
• Strong communication, organizational, and writing skills.
• Must be able to clearly and directly articulate their findings and recommendations.
• Must be open minded to considering alternative approaches to possible security issues noted by other team members, * Relevant IT certifications (e.g., CISSP, AWS Cloud Practitioner, AWS Cloud Security, AI security, etc.)

• Experience working with Infrastructure as Code (IaC) solutions such as Ansible / Terraform, or other configuration and automation tools
• Experience in working in a cloud-based environment (AWS), Cyber Threat Intelligence IAT Level II Certification Splunk Enterprise Security Network Planning And Design Git (Version Control System) Python (Programming Language) Troubleshooting (Problem Solving) JavaScript (Programming Language) Intrusion Detection And Prevention Federal Information Security Management Act Certified Information Systems Security Professional +0

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares., Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .