InfoSec Systems Engineer SME
7090 Chantilly VA, United States
Full Time Clearance required USD 148K - 269K
Primary Responsibilities
Collaborating with the various customer security organizations to ensure RMF processes are followed and documented, policy is translated to operational procedures, while proper tools are leveraged in both the operational centers and throughout the field
Develop and update Assessment & Authorization (A&A) documentation (Body of Evidence) for management and continuous monitoring of information systems.
Attend weekly peer review and engineering boards as needed to provide InfoSec expertise on various topics.
Developing security policies, processes and procedures including information security operational documents, along with the verification that security policies and procedures are enforced
Apply cyber security standards, directives, guidance, and policies to an architectural framework.
Provide broad based experience in the systems engineering lifecycle and apply the experience to specific cyber security initiatives relating to architectural design and development.
Port/vulnerability scanning and analysis according to policy
Coordinate with System Administrators and other operations and engineering staff to remediate all vulnerabilities and report results to appropriate stakeholders
Track common vulnerabilities and exposures (CVE) based security threats and map to internal controls and remediation plans.
Participate in data and root cause analysis for each service impacting incident with all possible corrective actions for improvement.
Conducting security audits
Development and delivery of presentations
Security product trade studies
Basic Qualifications:
Master's degree and at least 15 years of related experience or Bachelor's with at least 18 years of prior relevant experience or 20 years of experience in lieu of degree
Clearance: Active TS/SCI with polygraph required
Currently possess DoD 8750 certification at IAT level II or higher.
Broad range of knowledge into the latest tools and techniques used to secure both IPv4 & IPv6 network
Strong oral and written communications skills
Experience with the Risk Management Framework (RMF) and ICD 503 Security Accreditation processes.
Demonstrated experience analyzing test results to develop risk/threat mitigation plans
Demonstrated experience communicating vulnerability results and risk posture to senior executives
Understanding of DoD and IC security policies and mandates
Experience coordinating with Information System Security Managers (ISSM) in testing, documenting, and achieving accreditation of systems throughout the development process, and achieving operational acceptance.
Original Posting Date:
2025-02-19While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $148,850.00 - $269,075.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Tags: Audits Clearance DoD ICD 503 Incident response Monitoring Polygraph Risk management RMF TS/SCI Vulnerabilities
Perks/benefits: Equity / stock options
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.