CompTIA Cybersecurity Analyst
Role details
Job location
Tech stack
Job description
Equities Scripting Operations Accounting Kubernetes Market Data Micro Focus Communication Secure Coding Elasticsearch Cyber Security Cloud Security Market Research Ancient History Machine Learning Data Engineering Wide Area Networks Rancher (Software) Container Security Security Solutions Information Systems Local Area Networks Software Engineering Top Secret Clearance Application Security Continuous Monitoring Information Technology Artificial Intelligence Configuration Management Agile Project Management Vulnerability Management Cyber Threat Intelligence Systems Development Life Cycle Software Development Life Cycle Intrusion Detection And Prevention Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST), The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Cyber Security Directorate (CSD) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations., Leidos is looking for an Application Security Engineer to support:
Application Security Operations and Maintenance, Application Security Configuration Management and Application Security Logging and Vulnerability Management :
- Ensure continuous monitoring of all CSD managed applications and implement an alerting system for critical incidents
- Participate in market research to identify new security solutions as required to avoid obsolescence and to improve the overall security posture
- Develop, deploy, maintain, and/or assist in the implementation and integration of Machine Learning (ML) and Artificial Intelligence (AI) into CBP's security tool suite.
- Integrate security best practices into the software development life cycle (SDLC) and ensure security is embedded from design to deployment.
- Utilize SAST tools to analyze source code for vulnerabilities.
- Work closely with development teams and ISSOs to remediate identified security issues.
- Conduct security assessments using Microfocus WebInspect and other DAST tools.
- Collaborate with development teams to address and remediate dynamic security findings.
- Implement and manage container security tools, with a focus on Anchore, to ensure secure container deployments.
- Provide recommendations for secure container orchestration.
- Work on ensuring systems and applications comply with Security Technical Implementation Guide
- Establish and maintain the definitive current basis for control and status accounting of application systems and their configuration items.
- Select configuration items at appropriate levels for application products to facilitate documentation, control
- Tune logging capabilities for efficiency, identify shortfalls, and recommend improvements and new technologies for application logging.
- Support the CSD Service Desk in managing and executing the Vulnerability Identification and Remediation process for applications., Linux DevOps Ansible Firewall NIST 800 Equities Scripting Terraform Automation Subnetwork Market Data NIST 800-37 NIST 800-53 AI Security Open Mindset Communication Routing Table Cloud Security System Software Network Routing Ancient History Network Security Agile Methodology Security Analysis Workflow Management Amazon Web Services Cloud Infrastructure Technological Change Programming Languages Continuous Monitoring Vulnerability Scanning Command-Line Interface Database Administration Security Implementation Bash (Scripting Language) Assessment And Authorization Information Systems Security Scrum (Software Development) Infrastructure as Code (IaC) Security Requirements Analysis Virtual Private Networks (VPN) Systems Development Life Cycle Software Development Life Cycle AWS Certified Cloud Practitioner Troubleshooting (Problem Solving) Certified Information Systems Security Professional Top Secret-Sensitive Compartmented Information (TS/SCI Clearance) +0
Google IT Support Cybersecurity Engineer SME Leidos Bethesda, MDOn-Site Linux CI/CD Splunk Nessus Rapid7 Ansible Auditing Firewall Equities Scripting SonarQube DevSecOps Pipelines Operations Automation Purchasing Upskilling Market Data Coordinating Oracle Cloud Cryptography Investigation Cyber Security Key Management Risk Management Authentications Cloud Computing Ancient History Network Security Security Controls Incident Response CompTIA Security+ Digital Forensics System Monitoring Endpoint Security Cyber Engineering Analytical Method Windows PowerShell AWS CloudFormation Systems Engineering Amazon Web Services Time Off Management Security Engineering Software Development Contingency Planning Signals Intelligence Programming Languages Regulatory Frameworks Vulnerability Scanning Security Configuration Cyber Security Policies Configuration Management Vulnerability Management Certified Ethical Hacker Cyber Security Standards Cybersecurity Compliance Risk Management Framework Authorization (Computing) Cyber Threat Intelligence Cyber Security Assessment IT Security Documentation Agile Software Development Splunk Enterprise Security Google Cloud Platform (GCP) Computer Network Operations Change Management Processes Information Systems Security Customer Information Systems React.js (Javascript Library) Python (Programming Language) Enterprise Application Software Endpoint Detection And Response Troubleshooting (Problem Solving) Host Based Security System (HBSS) Intrusion Detection And Prevention CompTIA Cybersecurity Analyst (CySA+) Plan Of Action And Milestones (POA&M) Security Information And Event Management (SIEM) Certified Information Systems Security Professional Top Secret-Sensitive Compartmented Information (TS/SCI Clearance) +0 Firewall Engineer Leidos Arlington, VAOn-Site Firewall Equities DevSecOps Operations Management Automation Market Data Consolidation Cyber Security Self-Motivation Working Capital Cloud Migration Service Catalog Virtual Routers Ancient History Customer Service Security Clearance Service Management Security Solutions Technology Roadmaps Networking Hardware Information Sharing GIAC Certifications Palo Alto Firewalls CompTIA Security+ CE Continuous Integration Continuous Development Web Application Security IAT Level II Certification Virtual Private Networks (VPN) Internet Protocol Security (IP SEC) CompTIA Cybersecurity Analyst (CySA+) Systems Security Certified Practitioner Information Technology Infrastructure Library GIAC Security Essentials Certification (GSEC) Counter Intelligence Polygraph (CI Clearance) GIAC Global Industrial Cyber Security Professional Cisco Certified Network Associate Security (CCNA Security) Top Secret-Sensitive Compartmented Information (TS/SCI Clearance)
Requirements
- BS degree in Information Technology, Software Engineering, or related field and 8 - 12 years of prior relevant experience
- 3+ years of prior experience in application security with a focus on SAST, SCA, DAST
- Knowledge of secure coding practices and integration into SDLC
- Familiarity with common security frameworks and standards
- Strong programming/scripting skills
- Excellent communication and collaboration skills
- Working in an Agile project management environment
- Must have a Top Secret Clearance with SCI
- Must be able to report into the Ashburn VA office up to 5 days per week., * Master's with 1-2 years of prior experience in application security with a focus on SAST, SCA, DAST
- Experience with data engineering tools such as Kubernetes/Rancher, Cloudera
- Experience with Configuration Management and IaC tools such as Salt or Ansible
- Experience with scripting languages, CI/CD tools, Elasticsearch, or Gitlab
- Experience working in an air-gapped environments
- Experience working in large computing environments (> 1,000 end-points)
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.
Benefits & conditions
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .