DescriptionLeidos has an immediate need for a Security Engineer for a new customer on a highly-visible and strategic Cybersecurity Task Order. The Senior Security Engineer will need to be a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment and the ability to coordinate multiple, concurrent tasks in an effective manner. This individual will work with internal team members to ensure the systems are functional, secure, and scalable. The systems and networks developed will be used to collect and process data and improve the customer’s security infrastructure. The Senior Security Engineer will support the design and development of cybersecurity tools and technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide systems and networks.Primary Responsibilities:
Manage multiple assignments, changing priorities, and work independently with little oversight
Tackles large security projects, both of a technical and compliance nature. The senior engineer is expected to tackle difficult technical issues and changes with minimal oversight
Support all support, guidance and develop processes to evaluate and improve all operating systems, hardware support, software, firmware solutions and provide advisement concerning future purchase of the same
Work closely with senior engineers, other team members and application owners to solve technical problems at the network, system and application levels
Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required
Documentation, Visio Diagrams and reporting along with presentation, teamwork and DHS wide collaboration are among the expected duties and mission of the task order
Resolve Linux system errors and crashes, disk space problems, huge file system and full disk errors
Experience in backend solution, day to day system admin and monitoring, file system management and disk management and creation of shell scripts for the automation of tasks and the extraction of logs
Hardware and software installations, upgrades, maintenance, security analysis and network performance and tuning of Windows and Linux servers in a virtual infrastructure
Define system security & design requirements to meet FISMA and FedRAMP compliance standards
Maintain a current working knowledge of IT development methodology, architecture design, security best practices, and technical standards
Communicate with other technical leads, IT groups, and customer reps so they understand all aspects of proposed changes/solutions
Provide follow-up reports (technical findings, feedback, resolution steps taken) for Root Cause analysis, engineering technical assessment and process improvement initiatives
Communicate security vulnerability reports and trends to ensure appropriate corrective action is taken
Develop, implement, communicate, and enforce security policies and/or processes for data, software applications, and cloud infrastructure
Superior attention to detail with excellent written and verbal communication, problem solving, researching and follow-up skills
Communicates with other technical leads, IT groups, and clients so they understand the project's technical implications, dependencies, and potential conflicts. Evaluates the impacts of change requests on own/shared technologies and effectively persuades and influences others on ideas
Understanding network security (firewalls and IDS) design and implementation
Basic Qualifications:
BS degree in Science, Technology, Engineering or related field and 8-12 years of prior relevant experience with a focus on cybersecurity. Additional years of experience/certifications may be considered in lieu of a degree.
Experience installing, configuring, securing, and troubleshooting Microsoft Windows Server and Red Hat Enterprise Linux or similar Linux distributions
Extensive automation experience with PowerShell and Shell Scripting for automating repeatable tasks and installations
Extensive knowledge of server operations and maintenance
Experience managing Active Directory (AD) and Azure Active Directory
Experience managing Active Directory Federation Services (AD FS) and single sign-on using SAML and PIV/CAC
Experience with Active Directory Group Policy management
Knowledge and experience supporting public key infrastructure (PKI)
Knowledge and experience implementing and supporting Active Directory Certificate Services (AD CS) and Azure Dedicated HSM
Knowledge and experience managing keys, certificates, certificate requests, and format conversions with OpenSSL
Understanding of cloud terminology, architecture, and tools to include installing, provisioning and monitoring
Experience installing, configuring, and maintaining tools such as Tanium, Nessus, Axonius, CrowdStrike, and CyberArk in a hybrid-cloud environment
Extensive knowledge of Ansible and Red Hat Satellite
Perform analysis of security posture by reviewing vulnerability and compliance scans and making recommendations for remediations and managing POA&Ms
Excellent problem solving, research, and follow-up skills
Ability to obtain an Entry of Duty (EOD) Public Trust
Candidate must, at a minimum, meet one of these certifications: CISSP, CCSP, CCNP, CCIE Security, CEH, RHCSA, RHCA, RHCE, MCSE, COMPTIA Security+, GCIH, GPEN, OSCP, OSCE, Azure Solutions Architect Expert
Preferred Qualifications:
Experience managing Palo Alto Networks VM-Series firewalls, AWS Network Firewall, AWS Network ACLs, AWS security groups, Azure Firewall, Azure network security groups, and related network resources
Experience managing Azure Virtual Desktop service
Solid understanding of developing and leveraging CI/CD pipelines (Continuous Integration/Continuous Deployment)
Additional Requirements:
Expertise with Microsoft Azure or AWS Cloud Platforms
Experience automating management tasks with Ansible, Puppet, or Chef
Experience working between different Cloud Provider environments (AWS, Azure, GCP)
Experience developing in Bash, Python, PowerShell
Experience working with SIEM tools such as Splunk to ingest, normalize, store, and maintain data from endpoint, network, and application source typesOriginal Posting Date:2024-03-13While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.#RemoteREQNUMBER: R-00131151All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.
Full-time