Information Systems Security Engineer

***UNFUNDED/CONTINGENT UPON AWARD***

Looking for an opportunity to make an impact?

The Digital Modernization Sector has an exciting career opportunity for an Information Systems Security Engineer in El Segundo, CA to support the US Space Force’s Space Systems Command (SSC), Operational Command and Control Acquisition Delta, known as Kobayashi Maru. This role is instrumental in the development and deployment of mission critical software for space defense, space domain awareness, and enabling data services. This role provides technical guidance on architecture, design, and implementation of secure systems.

THE CHALLENGE (primary responsibilities)

• Serve as Information Systems Security Engineer for cloud and hybrid cloud environments,
• Conduct security assessments, vulnerability analysis, and risk management for cloud-based and hybrid infrastructures, ensuring compliance with RMF (Risk Management Framework) standards.
• Author, review, coordinate and submit cybersecurity authorization required artifacts to eMASS (including change requests) to achieve milestones such as Interim Authority to Test (IATT) and Authorization to Operate (ATO)
• Collaborate with development, infrastructure, and operations teams to implement security controls for cloud-based services such as AWS, Microsoft Azure, and Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI).
• Independently develop and maintain system security documentation, including drafting, reviewing, editing, and recommending guidance for Standard Operating Procedures (SOP), Tactics, Techniques, & Procedures (TTP), Plan of Action and Milestones (POA&M) and Federal Information Security Management Act (FISMA) Score Card.
• Ensure the secure integration of on-premises systems with cloud services, including identity and access management, data protection, and network security controls.
• Support the Authorization to Operate (ATO) process by preparing and maintaining security artifacts, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Continuous Monitoring (ConMon) documentation.
• Evaluate and recommend security tools, technologies, and best practices for use in cloud and hybrid environments, such as CSPM (Cloud Security Posture Management) and SIEM solutions.
• Participate in systems development lifecycle (SDLC) with a focus on security
• Support system integration, testing, and troubleshooting for security compliance.
• Assisting with security audits, vulnerability assessments, and pen-testing activities.
• Monitor and respond to security incidents and threats within the cloud and hybrid environments, leveraging automation and orchestration to enhance incident response.
• Perform secure configuration and hardening of cloud-native services, virtual machines, and containers in accordance with industry standards like CIS Benchmarks and STIGs.
• Stay up-to-date on emerging threats, vulnerabilities, and cloud technologies to proactively strengthen the organization’s security posture.

WHAT SETS YOU APART (basic qualifications)

Basic Qualifications:

• US Citizen and Possession of a current Active DoD Secret Clearance
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field, and 4 – 8 years of prior relevant years of experience in information security engineering with a focus on cloud and hybrid cloud environments.
• Hands-on experience with AWS, Azure, or Google Cloud Platform security tools and configurations.
• Proficiency in cloud security frameworks such as CSA CCM (Cloud Controls Matrix), FedRAMP, or similar.
• Experience embedding security in CI/CD pipelines using tools like Jenkins, GitLab, or GitHub Actions.
• Strong understanding of identity and access management (IAM), data encryption, key management, and network security in cloud and hybrid systems.
• Experience with automation tools (e.g., Terraform, Ansible, or CloudFormation) and scripting languages (e.g., Python, PowerShell, or Bash) for security automation.
• Familiarity with containerization and orchestration platforms like Kubernetes.
• Strong analytical and problem-solving skills with the ability to communicate complex technical concepts to non-technical stakeholders.
• Possess Industry certifications such as CISSP, CCSP, AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, or GCP Professional Cloud Security Engineer.
• Experience with zero trust architecture principles and implementations.
• Knowledge of hybrid cloud networking (e.g., VPNs, ExpressRoute, Direct Connect).
• Familiarity with DevSecOps pipelines and integration of security tools like SAST/DAST scanners.
• Experience conducting penetration testing or security assessments in cloud environments.
• Knowledge of advanced threat detection and prevention techniques, including EDR/XDR solutions.
• Your resume must demonstrate experience:
• Implementing Department of Defense cybersecurity policies, directives, instructions, and standards for software-intensive mission systems 
• Supporting milestones such as audits, IATT and ATOs.
• Developing Risk Management Framework assessment and authorization documentation.
• Writing and executing cybersecurity test procedures for validation of Risk Management Framework control compliance.
• Monitoring and analyzing outputs of cybersecurity-related tools for vulnerabilities, reportable security incidents, and residual risks.
• Reviewing and/or authoring documentation such as, Cybersecurity Strategies, Program Protection Plans, Anti-Tamper Plans, Counterintelligence Support Plans, Integrated Threat Assessment Reports, Operations Security Plans, Continuous Monitoring Plans, and Defensive Cyberspace Operations Plans.
• Working in eMASS and/or Xacta.

Preferred Qualifications, not required. 

• Master’s degree in computer science.
• Proficiency with SIEM tools like Splunk, Microsoft Sentinel, or AWS Security Hub.
• Knowledge of cloud-native security tools (e.g., AWS GuardDuty, Azure Defender, or Google Security Command Center).
• Experience in supporting compliance audits for hybrid environments (e.g., DoD Cloud SRG).

***UNFUNDED/CONTINGENT UPON AWARD***

Original Posting Date:

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.