CompTIA Cybersecurity Analyst
Role details
Job location
Tech stack
Job description
Xacta Triage ICD 503 Teamwork Equities Scripting DevSecOps Pipelines Leadership Automation Purchasing Kubernetes Upskilling Encryption CNSSI 1253 Code Review Market Data NIST 800-37 Risk Analysis Secure Coding Cyber Security Cloud Services Cloud Security Shell Commands Security Tools Change Requests Ancient History Computer Science Machine Learning Event Management Database Servers Security Controls Operating Systems Agile Methodology Cyber Engineering Data Exploitation Amazon Web Services Network Engineering Time Off Management Software Development CompTIA Security+ CE Information Assurance Continuous Monitoring Cloud-Native Computing Vulnerability Scanning Artificial Intelligence IT Security Architecture Open Source Intelligence Vulnerability Assessments Bash (Scripting Language) Authorization (Computing) Dynamic Trunking Protocol Containerized Application IAM Level II Certification Perl (Programming Language) Python (Programming Language) Document And Media Exploitation Red Hat Certified Engineer (RHCE) Red Hat Certified Architect (RHCA) CompTIA Cybersecurity Analyst (CySA+) Governance Risk Management And Compliance Static Application Security Testing (SAST) Red Hat Certified System Administrator (RHCSA) Security Information And Event Management (SIEM) Certified Information Systems Security Professional Information Systems Security Architecture Professional Cisco Certified Network Associate Security (CCNA Security) Top Secret-Sensitive Compartmented Information (TS/SCI Clearance), Leidos has an exciting opening for you, our next Senior Cloud Cybersecurity Engineer, to play a critical role in the accreditation and operation of a state-of-the-art technology stack under the DOMEX Technology Platform (DTP) where we support our client's mission to centralize and standardize Tasking, Collection, Processing, Exploitation and Dissemination (TCPED) of Open Source Intelligence (OSINT) across the Defense and Intelligence Community enterprises. We leverage cloud-based computing, artificial intelligence (Al), machine learning (ML), and cross-domain transfer systems to provide cutting edge data exploitation, enrichment, triage, and analytics capabilities to the Defense Intelligence Enterprise., * Collect, review, assess, and provide feedback on system cybersecurity, architecture, and engineering artifacts
- Collect, review, assess, and provide feedback on system cybersecurity Body-of-Evidence (BOE) results required to support DoD & IC RMF cybersecurity authorization processes
- Conduct periodic compliance scanning, vulnerability assessments, and risk analysis for cloud-based systems
- Implement and manage security controls for containerized applications and the underlying cloud-based infrastructure
- Collaborate with DevSecOps, infrastructure, and software development teams to ensure secure coding and engineering practices
- Ensure integration of security measures into software development processes, CI/CD pipelines, and engineering tools
- Develop, maintain, and execute shell commands, scripts, and automation code for STIG compliance and validation
- Implement and manage continuous monitoring solutions of cloud-based architectures
- Support Government cybersecurity officials & program personnel in preparing cybersecurity packages, including Interim Authority to Test (IATT) packages, Authority to Operate (ATO) packages, and Change Requests (CRs)
- Stay current with emerging cloud security threats, technologies, and best practices, All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. Related Jobs SME Cybersecurity Systems Engineer Leidos Gaithersburg, MD*On-Site Auditing Equities Analytics Scalability Market Data Data Storage Promulgation Data Analysis Cyber Defense Cyber Security Team Leadership Ancient History Computer Science Machine Learning Product Planning Security Controls Technical Standard Security Strategies Systems Engineering Information Systems User Interface (UI) GIAC Certifications User Experience (UX) Systems Architecture Information Assurance Continuous Monitoring Cyber Security Systems Artificial Intelligence Security Implementation IT Security Architecture Site Reliability Engineering Continuous Improvement Process Milestones (Project Management) Model Based Systems Engineering GIAC Certified Intrusion Analyst GIAC Certified Forensics Analyst Artificial Intelligence Infrastructure Application Programming Interface (API) Counter Intelligence Polygraph (CI Clearance) CompTIA Advanced Security Practitioner (CASP+) Security Information And Event Management (SIEM) Certified Information Systems Security Professional Top Secret-Sensitive Compartmented Information (TS/SCI Clearance) +0
Google Cybersecurity Senior Information Security Engineer Leidos Chantilly, VA*On-Site JIRA Linux DevOps Ansible Firewall NIST 800 Equities Scripting Terraform Automation Subnetwork Market Data NIST 800-37 NIST 800-53 AI Security Open Mindset Communication Routing Table Cloud Security System Software Network Routing Ancient History Network Security Agile Methodology Security Analysis Workflow Management Amazon Web Services Cloud Infrastructure Technological Change Programming Languages Continuous Monitoring Vulnerability Scanning Command-Line Interface Database Administration Security Implementation Bash (Scripting Language) Assessment And Authorization Information Systems Security Scrum (Software Development) Infrastructure as Code (IaC) Security Requirements Analysis Virtual Private Networks (VPN) Systems Development Life Cycle Software Development Life Cycle AWS Certified Cloud Practitioner Troubleshooting (Problem Solving) Certified Information Systems Security Professional Top Secret-Sensitive Compartmented Information (TS/SCI Clearance) +0
Google IT Support Cybersecurity Engineer SME Leidos Bethesda, MD*On-Site Linux CI/CD Splunk Nessus Rapid7 Ansible Auditing Firewall Equities Scripting SonarQube DevSecOps Pipelines Operations Automation Purchasing Upskilling Market Data Coordinating Oracle Cloud Cryptography Investigation Cyber Security Key Management Risk Management Authentications Cloud Computing Ancient History Network Security Security Controls Incident Response CompTIA Security+ Digital Forensics System Monitoring Endpoint Security Cyber Engineering Analytical Method Windows PowerShell AWS CloudFormation Systems Engineering
Requirements
- Clearance: Active or current Top Secret with SCI eligibility and the ability to obtain Polygraph
- Education & Experience: Bachelor's degree in Cybersecurity, Computer Science, Information Assurance, Engineering, or related technical discipline and 12-15 years of relevant experience OR Master's degree with 10-13 years of relevant experience. Additional years of experience may be considered in lieu of a degree. ISSO experience must be supplemented with demonstrated technical expertise.
- Certification: At least one DoD 8570.01-M IAT or IAM Level II or higher certification e.g., CCNA Security, CySA+, Security+ CE, CISSP (or Associate) and the ability to obtain Privileged User Account (PUA)/elevated access per DoD 8570 policy
To be successful in this role you will need:
- Hands-on experience with Linux operating systems and scripting languages such as Bash, Python, Perl or similar
- Experience with Commercial Cloud Services (C2S) and cloud-based enterprise services, preferably AWS
- Experience securing software applications and infrastructure by implementing security controls
- Experience supporting RMF processes such as authorization and continuous monitoring
- Experience with NIST SP 800-37, SP 800-53 Rev4 or Rev5, CNSSI 1253, and applicable DoDI publications
- Experience implementing and validating STIG compliance across operating system, database, server, and application tiers
- Experience with RMF/GRC platforms such as Xacta or eMASS
- Experience with performing compliance & vulnerability scans and related security tools for SIEM & event management, SAST, DAST
- Demonstrated understanding of unique security threats in the cloud and the required corresponding system security posture
- Demonstrated understanding of how to secure Kubernetes platforms and integrate security into CI/CD pipelines, containers, and platform orchestration tools.
You will wow us even more if you have these skills:
- Active TS/SCI with polygraph
- Experience supporting the Intelligence Community in RMF activities with ICD 503 and related compliance directives, policies, procedures
- Multiple IAT/IAM II or III advanced certifications such as:
- CISSP-ISSAP/ISSEP
- CISM
- CCSP
- Security X/CASP+
- Cloud certifications such as:
- AWS Solutions Architect
- AWS Security Specialty
- Kubernetes and Cloud Native Associate (KCNA)
- Certified Kubernetes Administrator (CKA)
- Certified Kubernetes Security Specialist (CKS)
- Linux certifications such as:
- Linux+
- Red Hat Certified System Administrator - Enterprise Linux (RHCSA)
- Red Hat Certified Engineer - Enterprise Linux (RHCE)
- Red Hat Certified Architect - Enterprise Linux (RHCA)
-
Prior network engineering experience with encryption and transport in the cloud
-
Experience applying DoW Zero Trust framework
-
Experience applying security controls to various AI implementations
-
Understanding of secure software development practices and code reviews in Agile and DevSecOps environments
-
NMECDTP-Leidos, Time Off Management Security Engineering Software Development Contingency Planning Signals Intelligence Programming Languages Regulatory Frameworks Vulnerability Scanning Security Configuration Cyber Security Policies Configuration Management Vulnerability Management Certified Ethical Hacker Cyber Security Standards Cybersecurity Compliance Risk Management Framework Authorization (Computing) Cyber Threat Intelligence Cyber Security Assessment IT Security Documentation Agile Software Development Splunk Enterprise Security Google Cloud Platform (GCP) Computer Network Operations Change Management Processes Information Systems Security Customer Information Systems React.js (Javascript Library) Python (Programming Language) Enterprise Application Software Endpoint Detection And Response Troubleshooting (Problem Solving) Host Based Security System (HBSS) Intrusion Detection And Prevention CompTIA Cybersecurity Analyst (CySA+) Plan Of Action And Milestones (POA&M) Security Information And Event Management (SIEM) Certified Information Systems Security Professional
Benefits & conditions
Through training, teamwork, and exposure to challenging technical work, let Leidos show how to accelerate your career path. At Leidos, we offer competitive benefits, including Paid Time Off, 11 paid Holidays, 401K with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, and much more. Join us and make a difference in Analysis Solutions Business Area!, Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .