Information Systems Security Engineer (ISSE) SME

Leidos, Inc.
Bethesda, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
$ 278K

Job location

Bethesda, United States of America

Tech stack

Amazon Web Services (AWS)
Systems Engineering
Configuration Management
Signals Intelligence
Computer Security
Continuous Integration
Monitoring of Systems
Intrusion Detection and Prevention
Information Systems Security Engineering Professional
Key Management
Network Security
Open Web Application Security
Security Information and Event Management
SonarQube
Google Cloud Platform
Computer Network Operations
Cloud Platform System
Nexpose
Oracle Cloud Infrastructure
Splunk
Devsecops
Static Application Security Testing
Vulnerability Analysis
Dynamic Application Security Testing

Job description

Leidos has an exciting opportunity for Information Systems Security Engineer (ISSE) SME in our Intel Security Sector's Analysis Solutions Business Area . Our talented team is at the forefront in Security Engineering, Computer Network Operations (CNO), Mission Software, Analytical Methods and Modeling, Signals Intelligence (SIGINT), and Cryptographic Key Management. At Leidos , we offer competitive benefits , including Paid Time Off, 11 paid Holidays, 401K with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, and much more. Join us and make a difference in National Security!, The Information Systems Security Engineer (ISSE) SME is responsible for designing, developing, and implementing secure information systems that support mission operations. The ISSE collaborates with multidisciplinary teams - including Information Systems Security Managers (ISSMs), software developers, systems engineers, and government stakeholders-to integrate effective security controls and ensure systems remain resilient against evolving threats and vulnerabilities.

The ISSE also installs and maintains security scanning tools, performs vulnerability assessments, and reviews scan results to identify and remediate security risks. Additionally, the role ensures security tools and controls are properly integrated into the DevSecOps CI/CD pipeline, supporting continuous security testing and monitoring throughout the system lifecycle.

Primary Responsibilities:

  • Applying system security engineering principles in areas such as system security design, lifecycle engineering, authentication and authorization mechanisms, cryptography, intrusion detection, contingency planning, incident handling, auditing, configuration management, and change control.
  • Conducting or supporting technical cybersecurity assessments and security audits.
  • Coordinating with cybersecurity personnel and recommending mitigation strategies to reduce risk.
  • Identifying system vulnerabilities and instances of non-compliance with cybersecurity standards and regulatory requirements.
  • Performing vulnerability scans using approved customer tools and generating reports detailing findings and remediation progress. Collaborating with DevSecOps teams to review vulnerability scan results and support remediation of identfieid security findings.
  • Install, configure, and maintain security scanning and monitoring tools, ensuring they are properly integrated within system environments and DevSecOps pipelines.
  • Support the Risk Management Framework (RMF) authorization process by reviewing security documentation and providing risk based recommendations to stakeholders regarding system risk posture as part of Authority to Operate (ATO) activities while managing and tracking Plans of Action and Milestones (POA&Ms) for customer-sponsored systems, coordinating with key stakeholders including ISSOs, ISSEs, ISSMs, and Security Control Assessors (SCAs).

Requirements

  • Experience conducting routine vulnerability scanning, providing formal and informal reports to technical teams, and tracking remediation activities. Experience reviewing security bulletins, threat intelligence, and vulnerability advisories to stay informed of current threats and emerging attack techniques.
  • Experience monitoring system and network security using Security Information and Event Management (SIEM) tools. Investigate and respond to cyber security incidents (system and/or network breaches, malware attacks).
  • Experience tracking Common Vulnerabilities and Exposures (CVEs) and mapping them to internal controls and remediation strategies.
  • Experience auditing systems to ensure compliance with secure configuration baselines and cybersecurity policies
  • Experience using at least two vulnerability scanning tools, such as AWS Inspector, Tenable Security Center, Rapid7 Nexpose, SonarQube, or OWASP security tools.
  • At least 1 Certification: CISSP, Splunk, Network+, Security+, OSCP, CEH, CASP+, ISSEP
  • Requires MS degree and 15 or more years of prior relevant experience. Additional years of experience may be substituted in lieu of a degree.

**To be considered must have an active TS/SCI with polygraph security clearance, * Experience with Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) tools.

  • Experience using Splunk, including creating dashboards and security monitoring visualizations.
  • Familiarity with cloud computing platforms, such as AWS, Oracle Cloud, or Google Cloud Platform (GCP).

Benefits & conditions

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .

About the company

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares., Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .

Apply for this position