Description Minimum/General Experience: Seven (7) years of experience as an Information System Security Engineer (ISSE) on programs and contracts of similar scope, type, and complexity is required. Minimum/General Experience: Shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies.Minimum/General Experience:Applies system security engineering expertise in one or more of the following to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non­ repudiation, availability, and access control); and security testing. Supports security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF), the NIST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for security engineering.Original Posting Date:2024-05-29While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $81,250.00 - $146,875.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description Are you interested in working for a Fortune 500 Company At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and fulfill our customers’ most challenging requirements. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business and is a hallmark of our long-standing tradition.Leidos National Security Sector is searching for Navy Qualified Validator (NQV) Security Engineer with an active Secret clearanceand direct Validator experience utilizing eMASS to work on customer site at the Naval Surface Warfare Center, Dahlgren, VA (NSWCDD). In this role, you will provide Validation Services and Sustainment Support for Systems/Networks RMF security authorization packages and provide RMF ATO maintenance for Information Systems necessary for NSWCDD and SWCDD Dam Neck Activity (DNA) to meet mission and operational objectives.Additionally, you'll facilitate the RMF process, the Platform Information Technology Certification services and other A&A processes associated with validation and sustainment of the cybersecurity authorization packages. Each package represents a system or a network (comprising various devices, etc.) that requires authorization to operate in support of the NSWCDD mission.Primary ResponsibilitiesAssess and document risk, perform security control assessments, and document compliant and failed security controls in eMASS.Recommend corrections to eMASS record.Assist with eMASS data entry requirements and population.Complete a Security Assessment Report in conjunction with the SCA, based on assessment results.Prepare the SAR Executive Summary, with all assessment results, for SCAL review.Perform a Risk Assessment of a systems or network's security controls, known threats and vulnerabilities.Support updates to the POA&M based on the assessment results.Ensure traceability of vulnerabilities from raw assessment results to the POA & M.Support the continuous monitoring programJob QualificationsA Bachelor's degree with 8+ years of experience with DoD Security Control assessments and DIACAP/RMF; additional experience may be considered in lieu of degreeA current DoD Secret level of clearanceAn Active Navy Qualified Validator certification or the ability to obtain within 6 months from date of startAn IAM II Certification (CAP, CASP+ CE, CISM, CISSP, GSLC, CCISO)Expertise configuring, running ACAS/Nessus, other vulnerability scansExperience with all phases of eMASSEIO2024Original Posting Date:2024-02-23While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description Looking for an opportunity to make an impact At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customer’s success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. With Leidos, you will enjoy competitive benefits such as four weeks of Paid Time Off, Flexible Schedules, Discounted Stock Purchase Plans, Unlimited Education and Training Support, Parental Paid Leave, and more!If this sounds like an environment where you can thrive, keep reading!The Leidos National Security Sector has numerous career opportunities for Information Systems Security Officers (ISSO) and Information Systems Security Engineers (ISSE) on our Leidos-led Prime Programs supporting the Ft. Meade, MD customer. Our work locations range from North and South Laurel, Columbia, Annapolis Junction, Linthicum and Ft. Meade, MD.Possible ISSO Job Duties:Provides aid to the program, organization, system, or enclave’s information assurance program.Lends assistance for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.Assists with the management of security aspects of the information system and performs day-to-day security operations of the system.Evaluates security solutions to ensure they meet security requirements for processing classified information.Performs vulnerability/risk assessment analysis to support certification and accreditation.Provides configuration management (CM) for information system security software, hardware, and firmware.Manages changes to system and assesses the security impact of those changes.Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).Assists security authorization activities in compliance with Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF).Possible ISSE Job Duties (in addition to ISSO duties above)Perform and/or review technical security assessments of computing environments to identify points of vulnerability, non- compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies.Validate and verify system security requirements definitions and analysis and establishes system security designs.Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.Build IA into systems deployed to operational environments.Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions.Enforce the design and implementation of trusted relations among external systems and architectures.Assess and mitigate system security threats/risks throughout the program life cycle.Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.Apply system security engineering expertise in one or more of the following: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off- the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing.Support security authorization activities in compliance with customer Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF), the NIST Risk Management Framework (RMF) process, and prescribed customer business processes for security engineering.Minimum RequirementsActive TS/SCI with polygraph security clearanceBachelors Degree, candidates with out higher level education will be considered if they have extensive relevant ISSO or ISSE experienceDoD 8570 Certification compliance related to level of position. This could include one or more of the following IAT II, IAM I, II or III or IASAE I, II or III:Security+ CECISSPCASP+ CEISSEPFive (5) or more years of experience as an ISSO or ISSEFive (5) or more years of experience with MD customer security suiteCONMDOriginal Posting Date:2024-04-29While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $122,200.00 - $220,900.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description Looking for an opportunity to make an impact At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customer’s success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. With Leidos, you will enjoy competitive benefits such as four weeks of Paid Time Off, Flexible Schedules, Discounted Stock Purchase Plans, Unlimited Education and Training Support, Parental Paid Leave, and more!If this sounds like an environment where you can thrive, keep reading!Are you ready to join an incredible technical team working on cutting-edge technologies Leidos has landed a massive, multi-year contract that involves developing, integrating, deploying, and sustaining large collection systems. This prime contract is critical to the government and allows team members to work independently and explore new and emerging technologies. If you're passionate about solving tough problems with true mission relevance, this is the opportunity you've been waiting for!Your greatest work is ahead!Are you ready to make an impact Begin your journey of a flourishing and meaningful career The Leidos National Security Sector has a career opportunity on our Leidos-led Prime Program for a Senior Information Systems Security Officer (ISSO) at our customer site in Annapolis Junction, MDThe Challenge:Provides aid to the program, organization, system, or enclave’s information assurance program.Lends assistance for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.Assists with the management of security aspects of the information system and performs day-to-day security operations of the system.Evaluates security solutions to ensure they meet security requirements for processing classified information.Performs vulnerability/risk assessment analysis to support certification and accreditation.Provides configuration management (CM) for information system security software, hardware, and firmware.Manages changes to system and assesses the security impact of those changes.Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).Assists security authorization activities in compliance with Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF).What Sets You Apart (required):Bachelor of Science degree in Computer Science, Information Assurance, Information Security, or related discipline and 8 or more years of related experience, in lieu of Bachelor's Degree or a Technical Bachelor’s Degree an additional 4 Years of experience will be considered.Minimum of 7+ years of experience as an ISSO supporting IC or DoD programs and contracts of similar scope, type, and complexity.DoD 8570 compliance with IAM Level II or IAT Level III (i.e., CASP, CISSP, or Associate)Clearance Required:Active TS/SCI with Polygraph Security ClearanceKQWconmdOriginal Posting Date:2024-05-07While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description Looking for an opportunity to make an impact At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customer’s success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. With Leidos, you will enjoy competitive benefits such as four or more weeks of Paid Time Off, Flexible Schedules, Discounted Stock Purchase Plans, Unlimited Education and Training Support, Parental Paid Leave, and more!If this sounds like an environment where you can thrive, keep reading!Our program is a large, multi-year contract for the development, integration, deployment, and sustainment of large, collection systems. The work that's being done on this Leidos-led, prime contract is extremely important to the government and offers its team members the opportunity to work autonomously and explore new technologies. Join a tremendous technical team solving hard problems with true mission relevance on emerging technologies.Your greatest work is ahead!The Leidos National Security Sector is seeking a highly experienced, hands-on, information security professional that wants to be part of a dynamic team, supporting an exciting mission.As a Principal Information Systems Security Officer (ISSO), you will be the senior staff member of a small team in Annapolis Junction, MD. This opportunity will have a direct impact maintaining and improving the security posturewithin our customer organization.Are you ready to join a team dedicated to a mission Begin your journey of a flourishing and meaningful career, share your resume with us today!Your Main Objective:Provide support for a program, organization, system, or enclave’s information assurance program as assigned by the Technical Task Order Lead.Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.Assist with the management of security aspects of the information system and perform continuous monitoring activities.Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and automation to enterprise solutions. Complete self-tests and perform vulnerability/risk assessment analysis to support the Assessment and Authorization (A&A) of information systems.Provide configuration management (CM) for information system security software, hardware, and firmware; and manage changes to system and assesses the security impact of those changes.Perform as subject matter expert and perform security control selection, implementation, and testing of systems and applicationsPerform security authorization and reauthorization activities in accordance with our customer and DoD Risk Management Framework (RMF), and prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Control Traceability Matrices (SCTMs).Train and oversee the technical work of less experience personnel.What Sets You Apart (Required)Active Top Secret/SCI with polygraph security clearanceMasters Degree and 15+ years of related experience or Bachelors Degree and 19 or more years of related experienceTechnical Degrees are required - HOWEVER an additional 4 years of related experience will be considered in lieu of a technical degreeA minimum of 14+ years of experience as an ISSO supporting IC or DoD programs and contracts of similar scope, type, and complexity;DoD 8570 compliance with IAM Level III or IAT Level III (i.e., CISSP)Combination of practical and progressive experience as an ISSO/ISSE/ISSM Team Lead or Technical Project LeadBreadth of knowledge on IA tools and technologies (i.e., Splunk, Nessus, VPN, IDS/IPS, Firewall)Proficient with our customer's IA Analysis and Reporting tools and corporate repositories and STE/STN Playbooks, implementation and complianceEffective interpersonal and communications skills and outstanding technical writing and presentation skillsTeam player, working with dynamic teams, and with minimal guidanceYou Might Also Have: (Highly Desirable Individual Capabilities/Experience)Demonstrated operational proficiency with internetworking and server technologies (i.e., Routing, Switching, TCP/IP, DNS, RHEL, Windows)Practitioner of information security (IS) and project management principles (i.e., PMP)Knowledgeable with and implement applicable IS laws, regulations, policy, standards and proceduresAt Leidos, the opportunities are boundless. We challenge our staff with interesting assignments that allow them to thrive professionally and personally. For us, helping you grow your career is good business. We look forward to learning more about you – apply today! KQWconmdOriginal Posting Date:2024-05-07While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $144,300.00 - $260,850.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description Leidos is looking for a Senior System Security Engineer to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology to support a large, complex, fast-paced program. Program execution follows DEVOPS best practices and employs robust development, test, and production environments. Our team of security engineers support enhancements to system security architecture and cyber security capabilities; manage multiple system security plans for development, test and production systems at multiple classification levels following the Risk Management Framework (RMF); manage cross domain capabilities; and support Security Verification Testing (SVT) of relevant Type 1 devices. Leidos is the prime contractor providing system engineering, development, test, integration, and operational support. This new program is focused on injecting new technology and adding advanced capabilities while continuing to support an on-going mission and operational system.Job Summary:A Senior Security Engineer is needed to provide support for adding new capabilities to a complex system with exacting interface, performance, and security requirements. The selected individual will become part of a team of Security Engineers working on solving challenging issues on a large, significant program. The position requires a solid understanding of security practices and policies as well as hands-on vulnerability testing experience. The selected individual will collaborate with other engineers and technical experts in providing improvements to our operational, test, integration, and development systems.Primary Responsibilities:The selected candidate will have numerous responsibilities from day to day drawn from a wide array of activities. The strongest candidates will have experience working in these areas:Validating and verifying system security requirements and establishing system security designs for large-scale systems, major system elements, and interfacing systems that are part of a large complex network environment with geographically distributed components.Identifying and implementing appropriate information security architectures and functionality to ensure uniform application of security policy and enterprise solutions.Recommending and developing technical solutions, products, and standards based on current and desired system security architecture.Assessing and mitigating system security threats and risks throughout the program life cycle.Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations.Effectively collaborating with other internal technical experts on a day-to-day basis.Communicating with Program Managers and POCs from customer organizations when necessary, regarding Security issues of significant importance.Participating in program increment planning and related agile team activities.Working closely with System Engineering, Test Engineering, and Integration teams to ensure that the hardware and software architecture and implementation meets the security requirements for processing classified information.Analyzing and assessing system implementation against multiple security compliance policies and recommending and implementing enhancements.Evaluating the impact of new development on the operational security posture of the system.Evaluating, reviewing, and testing security-critical software.Proposing, assessing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.Auditing and assessing system security configuration settings using common methodologies and tools.Managing and enforcing security strategies and policies that effect various components of the geographically distributed systems.Evaluating security solutions to ensure they meet customer specified requirements for processing classified information.Providing configuration management for security-relevant information system software.Serving as a subject matter expert in security architecture to include providing advice to Program Managers, Customer technical experts, and internal program teams.Formulating security compliance requirements for new system features.Identifying and remediating security issues throughout the system.Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions.Working with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors and remediation approaches.Planning and conducting security verification testing of relevant type 1 devices.Security Clearance requirement:Candidates must possess an active TS/SCI with polygraph to be considered for this role.Basic Qualifications:Bachelor’s degree in computer science, Information Assurance, Information Security System Engineering, or related discipline and at least twelve (12) years of relevant experience. Additional experience may be substituted for a Degree.DoD 8570 compliance with IASAE Level 3 is required.Must have Computer Information Systems Security Professional (CISSP) Certification.Must have experience applying Risk Management Framework.Must have experience formulating and assessing IT security policy.Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware/software security implementation, communication protocol, encryption techniques/tools, and web services.Must have experience with secure configurations of commonly used desktop and server operating systems.Must be comfortable working on multiple systems and components simultaneously in various configurations.Must have strong verbal and written communications skills.Must be committed to adopting and adhering to best practices.Must be able to effectively plan and prioritize tasking and communicate clearly regarding technical options and trade-offs.Must be capable of performing high quality work both independently and with a team in a fast-moving environment.Preferred Qualifications:Five (5) years of experience with Defense in Depth Principals/technology (including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development.Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.Experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass the development, design, and implementation.Experience with penetration testing tools.Experience with scripting languages.CSSKEYCONMDcareers.leidos.com/CONMDOriginal Posting Date:2024-03-25While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $122,200.00 - $220,900.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description Leidos is looking for a Senior Security Engineer to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology to support a fast-paced, complex program. Program execution follows DEVOPS best practices and employs robust development, test and production environments. Our team of security engineers support enhancements to system security architecture and cyber security capabilities; manage multiple system security plans for development, test and production systems following the Risk Management Framework (RMF); manage cross domain capabilities; and support Security Verification Testing (SVT) of relevant Type 1 devices. The contract provides system engineering, development, test, integration and operational support, and is focused on injecting new technology and adding advanced capabilities while continuing to support an on-going operational system.Job Summary:A Senior Security Engineer is needed to provide support for adding new capabilities to a complex system with exacting interface, performance and security requirements. The selected individual will become part of a team of Security Engineers working on solving challenging issues on a large, significant program. The position requires a solid understanding of security practices and policies as well as hands-on vulnerability testing experience. The selected individual will collaborate with other engineers and technical experts in providing improvements to our operational, test, integration, and development systems.Primary Responsibilities:The selected candidate will have numerous responsibilities from day to day drawn from a wide array of activities. The strongest candidates will have experience working in these areas:Validating and verifying system security requirements and establishing system security designs for large-scale systems, major system elements, and interfacing systems that are part of a large complex network environment with geographically distributed components.Identifying and implementing appropriate information security architectures and functionality to ensure uniform application of security policy and enterprise solutions.Recommending and developing technical solutions, products, and standards based on current and desired system security architecture.Assessing and mitigating system security threats and risks throughout the program life cycle.Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations.Effectively collaborating with other internal technical experts on a day-to-day basis.Communicating with Program Managers and POCs from customer organizations when necessary, regarding Security issues of significant importance.Participating in Program Increment Planning and related agile team activities.Working closely with System Engineering, Test Engineering, and Integration teams to ensure that the hardware and software architecture and implementation meets security requirements.Analyzing and assessing system implementation against multiple security compliance policies and recommending and implementing enhancements.Evaluating security solutions to ensure they meet customer specified requirements for processing information.Evaluating the impact of new development on the operational security posture of the system.Evaluating, reviewing, and testing critical software.Proposing, assessing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.Auditing and assessing system security configuration settings using common methodologies and tools.Managing and enforcing security strategies and policies that effect various components of geographically distributed systems.Providing configuration management for security-relevant information system software.Serving as a subject matter expert in security architecture to include providing advice to Program Managers, Customer technical experts, and internal program teams.Formulating security compliance requirements for new system features.Identifying and remediating security issues throughout the system.Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions.Working with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors and remediation approaches.Planning and conducting security verification testing of relevant type 1 devices.Security Clearance Requirement:All candidates must possess an active TS/SCI with polygraph security clearance to be considered for this role.Basic Qualifications:Bachelor’s degree in computer science, Information Assurance, Information Security System Engineering, or a related discipline and a minimum of eight (8) years of relevant experience. Additional experience may be substituted for a degree.Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience.Must have experience applying Risk Management Framework.Must have experience formulating and assessing IT security policy.Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware/software security implementation, communication protocol, encryption techniques/tools, and web services.Must have experience with secure configurations of commonly used desktop and server operating systems.Must be comfortable working on multiple systems and components simultaneously in various configurations.Must have strong verbal and written communications skills.Must be committed to adopting and adhering to best practices.Must be able to effectively plan and prioritize tasking and communicate clearly regarding technical options and trade-offs.Must be capable of performing high quality work both independently and with a team in a fast-moving environment.Preferred Qualifications:Five (5) years of experience with Defense in Depth Principals/technology (including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development.DoD 8570 compliance with IASAE Level 2 or 3.Information Systems Security Engineering Professional (ISSEP) Certification.Computer Information Systems Security Professional (CISSP) Certification.Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.Experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass the development, design, and implementation.Experience with penetration testing tools.Experience with scripting languages.careers.leidos.com/CONMDCSSKEYCONMDOriginal Posting Date:2024-03-01While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description Program SummaryAs an ISSE you will join a small team of senior professionals providing Information Assurance (IA) Architecture Analysis and Security Engineering Support for the implementation and fielding of the National Leadership Command Capability in support of Nuclear Command, Control, and Communications (NC3), Continuity of Government (COG), and Senior Leader communications. The ISSE will perform in a consultant like role providing technical knowledge, expertise and advice to our customer.Primary Responsibilities:The ISSE shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations and recommended mitigation strategies.This includes:Validates and verifies system security requirements definitions and analysis and establishes system security designDesigns, develops, implements and/or integrates IA and security systems and system components including those for networking, computing and enclave environment to include those with multiple enclaves and with differing data protection/classification requirementsBuilds IA into systems deployed to operation environmentsAssist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutionsSupports the building of security architecturesEnforces the design and implementation of trusted relations among external systems and architectureAssesses and mitigates system security threats/risk throughout the program life cycleContributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operationsReviews C&A documentation, providing feedback on completeness and compliance of its contentCLEARANCE REQUIRED: Active TS/SCI with polygraph. US Citizenship required. CCA cases may be considered.QualificationsBachelor’s degree from an accredited university ideally in Computer Science, Information Assurance, Information Security System Engineering or related field with a minimum of 12 years of experience as an Information Systems Security Engineer (ISSE) or Network Engineer on programs and/or contracts with the customer spaceCISSP OR CASP certification requiredCISSP - ISSEP DoD approved 8570 baseline certification for Level III position onlyStrong writing skillsConfidence and ability to present briefing to senior level DoD officials in both prepared briefings and/or in ad hoc discussions.Additionally, the candidate must also possess the following knowledge, skills and abilities:Expertise in network technology and systems security engineering. Experience in identifying, researching, characterizing, and documenting security weaknesses related to operating systems, software applications, firmware, network hardware components, as well as network architecture design and documented policies and procedures.Experience developing and documenting system security requirements and conducting requirements gap analysis.Knowledge of, and practical experience with the NIST Special Publications 800 Series, CNSSI 1253, and DoD 8500.Experience with network technologies and the ability to demonstrate knowledge of network protocols, communications systems and architecturesShould have significant hands on experience implementing security and/or network components, i.e. routers, firewalls, IPS, IDS, etc.Ability to work independently within a schedule and with little direction.CONMDcareers.leidos.com/CONMDOriginal Posting Date:2024-02-02While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $122,200.00 - $220,900.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description In joining the Leidos Accredited Testing and Evaluation (AT&E, Common Criteria/FIPS) team, you will get an exciting opportunity to work in the growing IT Security field in support of National defense. The products you will touch will be deployed into larger systems and/or deployments to facilitate secure communications for our military in the modern cyber warfare environment. Come be a part of an expanding industry that is integral in ensuring our National Security. You’ll get an opportunity to learn from Industry experts work with various Commercial off the Shelf products across many technology types and be able to use your skillset in a hands-on lab environment.Below are some of the benefits of working with Leidos on the AT&E team:Performance based career development – well defined roles with actionable qualifications. Empowering employees to promotions based upon skills and not time.Flexible hours within the constructs of the workdayOpportunity to attend industry related conferences and seminars.Maintain Work-Life balance in an environment that values your health and time outside the workplace. Opportunity to work with and learn from experts in the given discipline in an open environment.Great team comraderyTuition reimbursement within appropriate disciplinesWhat You Will Get to Do:The selected candidate will work on varied FIPS 140 validation projects.General security analysisDesign work (product architecture)Vulnerability testingPhysical security testingSystem-level logical analysisProduct evaluations against Technology Type standards (Protection Profiles)Cryptographic and Public Key Infrastructure (PKI) testingCryptographic algorithm testingSource code review activitiesTechnical report writing and review.Testing automation through scriptingDevelop applications to support test cases.You Will Bring These Qualifications:Cryptographic Validation Program (CVP) CertificationKnowledge of cryptographic encryption algorithms, key exchange algorithms, hashing/message authentication algorithms, PKI, random number generators, etc.Experience with various programming languages (C, C++, Python or Java) and development environments.Ability to comprehend security standard requirements and apply them to products.Experience setting up networks and familiarity with subnetting and routing concepts.Knowledge of common security related protocols and their design (i.e. SSH, IPsec, TLS, etc.).Experience building testing environments, performing testing and reporting results (technical writing).Strong troubleshooting and problem-solving skills.Strong multitasking and time management.These Qualifications Would be Nice to Have:Experience with Python programming languageExperience with debugging (Android debug bridge (adb), WinDBG, Visual Studio, etc.).Experience with statistical analysis of entropy sources.Knowledge of OpenSSL and/or OpenPGP.Vulnerability Analysis and/or penetration testing experience/expertise.Strong knowledge of computer security principles and best practices.Strong English (both oral and written) skills.Related certifications (CCNA/CCNP/CCIE, JNCIA/JNCIS/JNCIP/JNCIE).Knowledge of Active Directory and Linux.Hands on experience using tools such as an oscilloscope, function generator, multi-meter, signal generator, etc.Knowledge of X.509 certificate validation.EDUCATION & EXPERIENCE: Typically requires a BS degree with 2 - 4 years of prior relevant experience.Original Posting Date:2024-02-15While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $65,000.00 - $117,500.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description Leidos is seeking a Cyber Security InfoSec Engineer will provide support for a 150+ FTE technical development program supporting the Sponsor’s Entitlement Programs as well as IdAM /ICAM, Authentication, Authorization, Attributes and Digital Policy Management. The Cyber Security Engineer will target, assess, exploit, and report risks and vulnerabilities of information systems to provide senior decision makers with actionable data. Cyber Security Engineers are responsible for IT security/vulnerability assessments and managing overall network security using network and security-related hardware and software.Primary Responsibilities• Identify and define applicable security controls and responses for the project• Review responses, enter responses into the cyber risk management platform, and update risks• Identify common controls and draft common control language for the cyber risk management platform• Perform security maintenance duties, such as performing analyses of vulnerabilities and providing recommended resolutions• Maintain awareness of system level changes, ensure proper patch levels, and upload cyclic scans to the appropriate repositories• Achieve and maintain system accreditation, including providing guidance, plans, and evidence and maintaining documentation• Perform regular reviews, such as audits, and review security test results• Participate in or lead technical exchange meetings and application review boards and document action items and results• Brief management on statusRequired Qualifications• Active TS/SCI with Polygraph• Prior experience with programs of similar size and complexity• Experience with the Sponsor and the Sponsor’s mission• BS degree and 12+ years of experience. Additional experience in lieu of degree.• Demonstrated work experience in cyber security or related IT field• Demonstrated experience performing complex technical tasks with minimal direction• Demonstrated experience designing, testing, or implementing IT security architecture• Demonstrated experience performing network security analysis• Demonstrated experience developing risk management methodologies• Demonstrated experience analyzing test results to develop risk/threat mitigation plans• Demonstrated experience communicating vulnerability results and risk posture to senior executivesDesired Qualifications• Certified Information Systems Security Professional (CISSP)• Experience with the Sponsor’s entitlement management programs• PMP, SAFe Agilist Certification, AWS certificationOriginal Posting Date:2024-06-12While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $122,200.00 - $220,900.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description Leidos is seeking a Cyber Security InfoSec Engineer will provide support for a 150+ FTE technical development program supporting the Sponsor’s Entitlement Programs as well as IdAM /ICAM, Authentication, Authorization, Attributes and Digital Policy Management. The Cyber Security Engineer will target, assess, exploit, and report risks and vulnerabilities of information systems to provide senior decision makers with actionable data. Cyber Security Engineers are responsible for IT security/vulnerability assessments and managing overall network security using network and security-related hardware and software.Primary Responsibilities• Identify and define applicable security controls and responses for the project• Review responses, enter responses into the cyber risk management platform, and update risks• Identify common controls and draft common control language for the cyber risk management platform• Perform security maintenance duties, such as performing analyses of vulnerabilities and providing recommended resolutions• Maintain awareness of system level changes, ensure proper patch levels, and upload cyclic scans to the appropriate repositories• Achieve and maintain system accreditation, including providing guidance, plans, and evidence and maintaining documentation• Perform regular reviews, such as audits, and review security test results• Participate in or lead technical exchange meetings and application review boards and document action items and results• Brief management on statusRequired Qualifications• Active TS/SCI with Polygraph• Prior experience with programs of similar size and complexity• Experience with the Sponsor and the Sponsor’s mission• BS degree and 12+ years of experience. Additional experience in lieu of degree.• Demonstrated work experience in cyber security or related IT field• Demonstrated experience performing complex technical tasks with minimal direction• Demonstrated experience designing, testing, or implementing IT security architecture• Demonstrated experience performing network security analysis• Demonstrated experience developing risk management methodologies• Demonstrated experience analyzing test results to develop risk/threat mitigation plans• Demonstrated experience communicating vulnerability results and risk posture to senior executivesDesired Qualifications• Certified Information Systems Security Professional (CISSP)• Experience with the Sponsor’s entitlement management programs• PMP, SAFe Agilist Certification, AWS certificationOriginal Posting Date:2024-06-12While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $122,200.00 - $220,900.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Description Leidos Defense has a dynamic opportunity for a Computer Network Defense (CND) Security Engineer to work at our customer site at the National Maritime Intelligence Center, Suitland, MD. In this role you will provide operations, engineering, technical and program management services to support cyber related requirements and operations. You will routinely work independently to achieve critical mission objectives.Become a member of the team leading the way with Computer Network Defense for our DoD customer. As a Computer Network Defense expert, you’ll be working with a team of forward thinking, innovative, and highly motivated System Administrator, Network and Security Engineers dedicated to implementing and leveraging the latest technologies to secure, protect, assess, and monitor fielded IT capabilities against a full range of internal and external threats. In addition to a competitive salary and benefits, the position offers a schedule that promotes a healthy work/life balance.Great News! Program is now offering additional Paid Time Off or a Sign-on Bonus!What Will You DoPerform overall analysis and monitor Threat Events in McAfee/Trellix ePO, Splunk Enterprise, Palo Alto Firewall/IDPS and RSA Authentication Manager.Perform analysis and investigation of endpoint alerts to include malware, virus, rogue system detection, and removable media. Use existing and author new Splunk Dashboards to visualize and investigate program data. Perform regular ACAS scans on program systems. Assist in the research in emerging technologies and assess their technical and performance characteristics.Provide input to the development and maintenance of documentation for each project and system to include Requirements and Design Documents, Implementation Plans, Concept of Operations, Risk Management Framework Documentation, System / Network Diagrams, Work Breakdown Structure Project Schedule, Installation & Configuration Guides, Operations & Maintenance Guides and Analyst Operations GuidesPerform general system administration tasks, apply and update STIGs, run SCAP benchmark scans, OS and application patching and management for VMware ESXi, Windows 10 and Server 2016, Ubuntu Linux and the various appliances and applications in use by the program.What Sets You Apart (job qualifications)A current DoD Top Secret/SCI security clearance.Active IAT Level II DoD Approved 8570 Baseline Certification (e.g., Security+ CE) or higher, or the ability to obtain within 30 days from offer of acceptance.A Bachelor's degree with 4+ years of experience. Additional experience, trainings, or certifications may be considered in lieu of a degree.3+ years of experience in the CND discipline.Experience in design, development, integration, implementation, operation, and analysis of cyber security technologies used within the DoD and IC as well as knowledge of federal cyber security initiatives.Experience in engineering, testing, configuration/tuning, administration and operational use of vulnerability management and assessment technologies such as McAfee/Trellix ePO, and Security Information and Event Management systems (i.e. Splunk)Experience in conducting vulnerability assessments using Tenable (ACAS), SCAP benchmark scans, and subsequent remediation of security control deficiencies.Experience with Risk Management Framework standards and policies.Preferred (nice to have)VMware ESXI experience.Nessus Tenable Vulnerability Management Tool Experience.Expert knowledge of ACAS Scanning.NITESONIEIO2024Original Posting Date:2024-06-06While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $81,250.00 - $146,875.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.