Information Systems Security Engineer ISSE

The Leidos Digital Modernization Sector has a career opportunity for an Information Systems Security Engineer / ISSE in support of the Air Force National Capital Region IT Services program.

The AFNCR Cybersecurity Team is seeking a highly skilled Information System Security Engineer (ISSE) to maintain and enhance the security posture of the National Military Command Center (NMCC) hardening. A deep understanding of operating systems, security tools, and server infrastructure is essential.

The AFNCR IT Services program provides support services for information systems for Headquarters Air Force (HAF), Air Force District of Washington (AFDW), Office of the Secretary of Defense (OSD), Joint Chiefs of Staff, and other Air Force activities within the AFNCR, missions to include the Pentagon, Joint Base Andrews (JBA), Joint Base Anacostia-Bolling (JBAB), and other locations, leased spaces, and alternate sites. The major support areas required are IT Operations and Maintenance; Plans, Projects, and Engineering (PP&E); and National Military Command Center (NMCC). The senior leaders and national defense missions that are supported require that the AFNCR operations never fail, resulting in a fast-paced, challenging, but also rewarding environment. 

If this sounds like the kind of environment where you can thrive, keep reading!

The Leidos Digital Modernization Sector provides a diverse portfolio of systems, solutions, and services covering land, sea, air, space, and cyberspace for customers worldwide. Solutions for Defense include enterprise and mission IT, large-scale intelligence systems, command and control, geospatial and data analytics, cybersecurity, logistics, training, and intelligence analysis and operations support. Our team is solving the world’s toughest security challenges for customers with “can’t fail” missions. 

To explore and learn more, click here!

Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your resume with us today!

The ISSE will be responsible for the following
Security Tool Infrastructure Management:

• Primary responsibility for the backend infrastructure, deployment, patching, tuning, and overall health of security tools, including Tenable Nessus, Trellix ePO (HBSS/ESS), and associated Windows and Red Hat Linux servers.

• Proactively monitor system performance, identify bottlenecks, and implement solutions to ensure optimal operation of security tools.

• Develop and maintain standard operating procedures (SOPs) for security tool administration.

    
Vulnerability Management & System Hardening:

• Conduct technical security assessments of computing environments to identify points of vulnerability and recommend mitigation strategies.

• Implement Security Technical Implementation Guides (STIGs) on Windows and Red Hat Linux systems.

• Develop and implement security designs for new and existing network systems, ensuring hardware, operating systems, and software applications adequately address cybersecurity requirements.

Remediation & Continuous Monitoring:

• Develop and implement approaches to mitigate IS and Network Environment vulnerabilities, recommending changes to network or network system components as needed.

Security Architecture & Integration:

• Build IA into systems deployed to operational environments, validating and verifying system security requirements, and establishing system security designs for stand-alone systems. Support security planning, assessment, risk analysis, and risk management.

Security Tool Troubleshooting & Support:

• Provide Tier 3 troubleshooting support for cybersecurity tools such as ACAS and HBSS/ESS.

RMF Support & Documentation:

• Support the documentation of security control implementations and gathering of artifacts to support Risk Management Framework (RMF) and ICD 503 Security Accreditation.

• Assist with RMF related tasks as needed.

Basic Required Skills & Experience

• Bachelor's degree and 8+ years of prior relevant experience or Master’s with 6+ years of prior relevant experience, additional years of applicable experience may be considered in lieu of a degree.

• Active Top Secret-SCI security clearance.

• Security+ certification.

• 5+ years of hands-on experience administering and maintaining Tenable Nessus, Trellix ePO (HBSS/ESS), and related security tools in a production environment.

• Proven ability to implement and validate STIGs on Windows and Red Hat Linux systems.

• Expertise in troubleshooting and resolving issues related to Nessus, ePO, and associated infrastructure components.

• Deep understanding of Windows and Linux operating systems, networking protocols, and security best practices.

• 5+ years of experience in systems engineering, including design and architecture.

• Demonstrated capability to identify security risks throughout information system network structures to include the Operating Systems, hardware, and various data transfer protocols.

• Effective communication and presentation skills.

• Strong planning, organizational, and time management skills.

• Demonstrated initiative and ability to work independently.

Preferred Qualifications 

• Ability to Run Evaluate-STIG scans on Windows and RHEL servers, as well as network devices.

• Knowledge of the process of obtaining licenses for all HBSS ePO’s and Tenable Security Centers.

• Thorough understanding of Information Security principles and Risk Assessment techniques.

Original Posting:

June 9, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $104,650.00 - $189,175.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.