Information Assurance Engineer

Posted 2 Days Ago
Be an Early Applicant
Gaithersburg, MD
101K-183K Annually
Mid level
Information Technology • Software
The Role
The Information Assurance Engineer will oversee the security compliance and assurance of IT operating environments, manage security assessments and audits, and collaborate with stakeholders to ensure secure system design. Responsibilities include developing security documents, preparing management reports, leading incident response activities, and staying updated with security trends.
Summary Generated by Built In

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.

The Digital Modernization Sector at Leidos currently has an opening for an Information Assurance Engineer position to work in the Leidos Gaithersburg, MD office. The ideal candidate for this role will be required to work 1 day onsite in the Leidos Gaithersburg, MD office and 4 days remotely per week. This is an exciting opportunity for a candidate who possesses proven experience in information assurance and security engineering. This position will support Leidos Digital Modernization’s mission in the federal civilian government agencies.

In this mission, Leidos delivers innovative and secure IT solutions through the efforts of our diverse and talented people who are dedicated to our customer’s success. The ideal candidate should possess progressively responsible work experience in an organization that has a strong information security practice, be motivated to advance in a DevSecOps environment, and has career goals of becoming a Chief Information Security Officer or Security Architect. Candidate must be able to work independently and efficiently in a fast-paced, dynamic environment.

ISSO Job Duties:

1. Candidate shall have a technical background, and have a thorough understanding of federal security requirements and guidelines (e.g., 800-53 Rev 5 and M-22-09) and be able to clearly explain how each control should be implemented using industry’s best practices.

2. Be responsible and accountable for the security well-being of IT operating environments, and must be able to proactively manage security compliance and collaborate with system owners, developers, and other stakeholders to ensure secure system design and operation.

3. Independently conduct regular security assessments and audits, and provide documented assessment results and recommendations to the senior management team.

4. Develop, update, and maintain security documents including System Security Plans (SSPs), Risk Assessment, PTA/PIA and other security documentation.

5. Develop management level security reports and presentation, and present security status to customer stakeholders on a regular basis.

6. Familiarity with Cyber Security Assessment and Management (CSAM), including POAM management and maintenance of controls under NIST SP 800-53 Rev. 5.

7. Develop incident response exercise scenarios and lead the execution of the exercise.

8. Lead incident response team and conduct investigations in the event of a security breach.

9. Lead security authorization activities in compliance with FISMA and federal agency’s security authorization requirements.

10. Lead Continuous Monitoring in the hybrid multi-cloud environment for potential security threats and vulnerabilities.

11. Stay updated with the latest security trends, threats, and mitigation techniques.

Possible ISSE Duties (In addition to ISSO duties above):

1. Independently use security tools such as Tenable Nessus and web security scanners to conduct security scans, analyze results and identify false positives vs. risks.

2. Evaluates security solutions to ensure they meet security requirements for processing sensitive and PII data.

3. Coordinate with the agency CISO and other security personnel to enhance the security posture of the environment.

4. Perform and/or review technical security assessments of computing environments to identify points of vulnerability, non- compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies.

5. Validate and verify system security requirements definitions and analysis and establishes system security designs.

6. Design, develop and integrate IA and security systems and system components including those for networking, computing, and cloud environments.

7. Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions.

8. Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.

Basic Qualifications:

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or closely related field of study.

  • Minimum 7 years of experience in federal information system security as ISSO, security lead or security engineer for complex systems.

  • Excellent written and oral communications skills.Candidates will be evaluated on proficiency of oral presentation development and presentation skills, and technical documentation written skills. Candidates might be required to submit sample written document and presentation.

  • Active certifications such as CISSP, CISA, CISM or CCSP are required (certifications will be verified).

  • Ability to obtain a government security clearance.

  • Solid understanding of the Federal Information Security Modernization Act (FISMA), OMB regulations and NIST security standards.

  • Proven experience in risk management, and hands-on experience in identifying, analyzing, monitoring, and mitigating risks.

  • Proficiency in vulnerability management, including patch management, regular system scanning, and mitigation.

  • Strong background in ensuring the security of cloud-based and traditional hosting environments, with a focus on achieving FISMA and FedRAMP compliance.

  • Cloud security knowledge in AWS and Azure.

  • Capability of handling parallel tasks according to priorities in a fast-paced IT environment.

Preferred Qualifications:

  • DMV location is preferred

  • Incident response experience

  • Hands-on experience on Windows, Linux and networking platforms

  • Experience deploying and customizing security tools to address threats and lower risk: vulnerability scanners, static analyzers, web application firewalls, IDS/IPS, malware analysis, network traffic flow and packet analysis, cloud security posture management (CSPM), etc.

  • Knowledge of networking and web protocols (TCP/IP, HTTP, TLS, REST)

  • Understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.

Original Posting Date:2024-07-29

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:Pay Range $101,400.00 - $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Top Skills

Nist Sp 800-53
The Company
Alexandria, VA
27,104 Employees
On-site Workplace

What We Do

We Are Leidos

For 50 years we have been tackling some of the biggest problems that face our nation and our world.

OUR MISSION
Through our culture of innovation and history of performance, we develop deep customer trust built on integrity and create enduring solutions that improve our world. Leidos is a science and technology solutions leader working to address some of the world’s toughest challenges in the defense, intelligence, homeland security, civil, and healthcare markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020.

Leidos was cited for the meaningful work employees perform that is challenging, impactful, and aligned with our customers’ missions as reasons professionals want to work and stay at our company. Leidos has also been named to lists including Forbes’ Best Employers for Diversity, Forbes’ America’s Best Employers for Women, Military Times Best for Vets Employers, and Ethisphere Institute’s World's Most Ethical Companies®.

Employees enjoy career enrichment opportunities available through mobility and development and experience rewarding relationships with supportive supervisors and talented colleagues and customers. Employees appreciate our flexible work environment, allowing for and encouraging a true work-life balance. Our professionals are also excited about our Employee Resource Groups, like the newly launched Collaborative Outreach with Remote and Embedded Employees (CORE), which strives to create an environment where every employee, regardless of location, feels fully engaged as a valued employee of Leidos.

Your most important work is ahead.

Similar Jobs

PingWind Logo PingWind

Senior Information Assurance Engineer

Information Technology • Consulting
Adelphi, MD, USA
142 Employees

PingWind Logo PingWind

Information Assurance Engineer

Information Technology • Consulting
Adelphi, MD, USA
142 Employees

PwC Logo PwC

Cloud Data & Analytics Senior Manager (Financial Services-Insurance)

Artificial Intelligence • Professional Services • Business Intelligence • Consulting • Cybersecurity • Generative AI
Hybrid
Baltimore, MD, USA
364000 Employees
130K-256K Annually

EchoStar Logo EchoStar

Network Engineer - International Products & Operations

Aerospace • Cloud • Digital Media • Information Technology • Mobile • News + Entertainment • Retail
Germantown, MD, USA
14500 Employees
107K-107K Annually

Similar Companies Hiring

bet365 Thumbnail
Software • Gaming • eSports • Digital Media • Automation
Denver, Colorado
6100 Employees
Jobba Trade Technologies, Inc. Thumbnail
Software • Professional Services • Productivity • Information Technology • Cloud
Chicago, IL
45 Employees
InCommodities Thumbnail
Renewable Energy • Machine Learning • Information Technology • Energy • Automation • Analytics
Austin, TX
234 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account