Description

We are seeking a Cyber Security Engineer (SME). This role is responsible for protecting the customer's information systems and networks from potential cyber-attacks. The Cyber Security Engineer must display an excellent understanding of technology and utilization of Firewalls (Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web-Proxy, Security tools, and Security Audits.Candidates will work directly with Team leads, developers and operations personnel throughout a DevSecOps life cycle both on policy and technical implementation of technologies. This role is a hybrid role with a combination of some onsite and remote.

Primary Responsibilities:

• Plan, implement, manage, monitor, and upgrade security measures and tools for the protections of information systems and networks and automate repeatable tasks in a consultative role

• Design, configure, implement, troubleshoot, and maintain all security platforms and their associated software, such as firewalls (Security Groups), intrusion detection/intrusion prevention, anti-virus/malware (HBSS), cryptography systems (Vormetric), SIEM (Splunk), and MDM

• Formulate systems and methodologies as well as respond to security related events and assist in remediation effortsof cyber security incidents (system and/or network breaches, malware attacks)

• Participate in the change management process

• Coordinate, and monitor log analysis for our managed services offerings, to ensure customer policy and security requirements are met

Basic Qualifications:

• Expert with at least one of the following tools: Splunk, HBSS/McAfee, Rapid7

• Expert with implementing and managing \SIEM (e.g., Splunk), end-point security (IDS/IPS and HBSS)

• Expert knowledge of networking protocols, such as TCP/IP, LAN/WAN concepts

• Expert with automation (e.g., Ansible, CloudFormation)

• Strong attention to detail with analytical mind outstanding problem-solving skills

• Awareness of Cybersecurity trends and hacking techniques.

**Active TS/SCI with polygraph.

**Candidate must have a Master's degree with 15 or more years of prior relevant experience in order to operate within the scope contemplated by the level.

Preferred Qualifications:

• Experience with additional security tools and processes such as IDS/IPS, VPN, Webinspect, Appdetective

• Experience with implementing and managing Network and Application Firewalls\

• Experience with incident detection, incident response and forensics activities

• Experience with scripting languages (Python, Power Shell)

• Experience with Cloud Computing Technologies/Amazon Web Services (AWS)

• Experience with Agile Software Development

• AWS Certification

• Experience maintaining virtual private networks, firewalls, web protocols

• Experience with SAFe Agile Framework

• Knowledge of potential attack vectors such as XSS, injection, hijacking and social engineering

• Experience with health monitoring tools (Nagios, SolarWinds)

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.