Leidos currently has an exciting career opportunity for a Chief Security Engineer to work at our Annapolis Junction, Maryland location. This is an exciting opportunity to use your experience to support an important, fast-paced, mission-critical program.
This is a challenging and rewarding opportunity on a mission-critical program for a Chief Security Engineer who likes to be hands-on in the technical area. The selected individual will be responsible for leading all Security Engineering efforts for a large, complex network environment with geographically distributed systems. He/she will provide technical leadership and direction to support sound security system engineering concepts and will be heavily involved in testing the system. The selected individual will collaborate with other engineers and technical experts in providing improvements to the operational, test, integration, and development systems. Responsibilities will also include ensuring the development environment meets STE/STN requirements and maintaining ATOs on 14 SSPs.
• Responsible for the overall security architecture, ensuring all security related requirements are met;
• Provide SME support for the overall security architecture.
• Set security strategy, including risk assessment, risk management, security control assessment, continuous monitoring, service design, and general IA program support functions;
• Identify security issues throughout the system and make recommendations to remediate those issues;
• Develop and implement static and dynamic application security tests and penetration tests;
• Work with development teams to enrich understanding of different types of vulnerabilities, attack vectors and remediation approaches;
• Lead a small team of program security engineers in day-to-day activities;
• Work with program ISSOs to ensure STE/STN and continuous monitoring requirements are being met for Test and Integration and Development systems.
• Requires Bachelor's Degree in Information Technology, Information Assurance, or related field and 12 - 15 years of relevant experience or a Master's Degree and 10 - 13 years of relevant experience. Additional years of relevant professional experience may be considered in lieu of a Degree;
• Demonstrated knowledge of and experience with current security tools, hardware/software security implementation, communication protocols, encryption techniques/tools, and/or web services;
• Experience formulating and assessing IT security policy;
• Direct experience interfacing with software developers, software testers, integration, deployment, and/or sustainment personnel;
• Must be committed to developing and adhering to best practices.
• Must be a solutions-oriented team player, and must possess a high level of self-initiative;
• Must be a good communicator and have excellent interpersonal skills.
• Twelve (12) years of experience with Defense in Depth principles/technology (including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development.
• Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.
• Experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass the development, design, and implementation.
External Referral Eligible