Cyber Security Engineer

at Leidos
Location Fort Bragg, NC
Date Posted November 11, 2021
Category Default
Job Type Full-time

Description

Description

Job Description:

At Leidos, everything we do is built on our commitment to do the right thing for our customers, our employees, and our communities. Learn more about the values and culture that are the foundations of our business. Our mission is to make the world safer, healthier, and more efficient through information technology, engineering, and science. We offer a robust benefits package including competitive salaries; comprehensive medical, dental and vision coverage; flexible work schedule to allow for life/work balance; tuition reimbursement and more.

We are looking for a Cyber Security Engineer to be a part of the Leidos team which provides IT repair, maintenance, operations, logistics, and engineering services to ensure secure, reliable, and uninterrupted availability of Army Military Intelligence Enterprise IT Systems. The Cyber Security Engineer will work directly with INSCOM G6 and DIA Certifiers to obtain and maintain the JMICS Type Accreditation or “Type ATO” and will work directly with JMICS Systems Architect, Systems Engineer and Systems Administrators to ensure any changes to the JMICS systems are done in accordance to ICD-503 and DoD standards. In this role, you will monitor programs for unauthorized vulnerabilities and work with the JMICS Engineering group to remediate or mitigate findings.  The Cyber Security Engineer will also work with JMICS Government PM and JMICS Engineering group to create and maintain all JMICS ATO Documentation and system security documentation. This position supports the JMICS/C-JWICS systems at the Service Center, Fort Bragg, NC.

Primary Responsibilities

  • Design, evaluate and test systems security to ensure data and system integrity for the JMICS program.

  • Create and ensure the JMICS programs Information Assurance documentation, polices, and procedures are properly aligned to the standards set forth by DIA, DISA, DoD and Army Policy. Verify that said documentation is updated as required when policies change. Must be able to guide an information system successfully through the RMF Assess and Authorize (A&A) process to obtain an ATO.

  • Conduct routine risk assessments of the JMICS Program and each of the systems assigned to the program. Risk assessments include full system scans using ACAS, SCC, and Nessus, comparing system security settings to the applicable IAVA and STIG’s as they are updated by DISA.

  • Work with the JMICS Cyber Security team to harden the JMICS Secure Baseline.

  • Conduct site visits completing site level certification tests, site surveys, and risk analysis.

  • Ensure the JMICS Secure Baseline is properly maintained and secured as required by DIA, DISA, DoD, and Army policy. Verify said baselines are adjusted, adapted, and upgraded to ensure that all unauthorized vulnerabilities found during the risk assessments are properly removed or mitigated to an acceptable level and to ensure the software used within the JMICS program is approved IAW the APL.

  • Perform Research and Development to ensure all new software and hardware to be deployed on the JMICS system meets all the security requirements.

  • Develop and modify software tools to assist system admins in the advanced configuration and reconfiguration of the JMICS Information Systems.  

  • Serve as a member of the JMICS Configuration Management Board.         

Basic Qualifications

  • Bachelor's degree in a relevant field with 4+ years of related Information Assurance/Cyber Security experience. Additional training and/or years of experience maybe considered in lieu of a degree.

  • Specific experience with the following: writing\maintaining IA Policy and Procedures, Certification and Accreditation Process, DISA STIGS, system vulnerability scanning software (ACAS\Nessus and SCC preferred), Securing and Configuring Windows Server 2008/2016 and Windows 7/10, system virtualization (ESXi preferred), vulnerability management and remediation, cyber security incident response and handling, and Change Management processes.

  • Active DoD 8750 IA certification at IAM II: CISSP, CISM, or CASP.

  • Active DoD 8750 Computer Environment (CE) Certification relevant to the position: CompTIA Server+ or related.

  • Security clearance requirement: Active DoD TS/SCI security clearance.

Preferred Qualifications

  • Experience with Baseline Creation and Deployment (Sysprepping, Ghost, and virtual importing and exporting preferred.

  • Experience hardening and maintaining Windows 7/10, Windows Server 2008/2016, VMWare (ESXi) and RedHat Enterprise Linux platforms.

  • Experience with PowerShell Scripting

  • Experience with Vulnerability Scanning, DISA STIG’s, eMASS, Security Center/ACAS/Nessus

  • Experience with hardening Cisco networking devices

  • The ability to create and develop policy and procedures IAW security controls

  • Understanding of security control overlays

Pay Range:

Drop files here browse files ...