Security Engineer

Description

Leidos has a career opportunity for a Security Engineer to support the Air Force National Capital Region IT Services program.

The AFNCR IT Services program provides support services for information systems for Headquarters Air Force (HAF), Air Force District of Washington (AFDW), Office of the Secretary of Defense (OSD), Joint Chiefs of Staff, and other Air Force activities within the AFNCR, missions to include the Pentagon, Joint Base Andrews (JBA), Joint Base Anacostia-Bolling (JBAB), and other locations, leased spaces, and alternate sites. The major support areas required are IT Operations and Maintenance; Plans, Projects, and Engineering (PP&E); and National Military Command Center (NMCC). The senior leaders and national defense missions that are supported require that the AFNCR operations never fail, resulting in a fast-paced, challenging, but also rewarding environment.

• Lead efforts in system and application hardening using DISA Security Technical Implementation Guides (STIGs).
• Utilize tools such as STIG Viewer, SCAP Compliance Checker (SCC), and resources on Cyber.mil to assess and remediate system vulnerabilities.
• Analyze vulnerability scan data from ACAS (Assured Compliance Assessment Solution) and translate findings into actionable remediation strategies.
• Ensure compliance with DoD Information Assurance policies and support risk assessments.
• Prepare and maintain security documentation, including System Security Plans (SSPs) and Plan of Action and Milestones (POA&Ms).
• Support and respond to Cybersecurity Inspections, Command Cyber Readiness Inspections (CCRI), or Cyber Operational Readiness Assessments (CORA).
• Collaborate with systems engineers, network engineers, and other security professionals to develop secure architectures and implement security controls across systems and platforms.
• Provide recommendations to improve the security posture of existing and new systems.
• Experience with Powershell and Evaluate STIG.

• Bachelor's degree in Computer Science, Cybersecurity, Information Assurance, or related discipline and 8+ years of relevant experience. Additional experience may be considered in lieu of a degree.
• Active DoD Secret clearance (Top Secret preferred).
• IAT Level II or III certification (e.g., Security+, CISSP, CASP+, or equivalent).

• Applying STIGs and system hardening techniques for Windows and Linux systems.
• STIG Viewer, SCC, and Cyber.mil tools.
• ACAS/Nessus scan analysis and reporting.
• Understanding of RMF (Risk Management Framework) and NIST 800-53/800-171 controls.

• Experience supporting CCRI, CORA, or other Cyber Readiness Assessments.
• Familiarity with DoD mission systems and infrastructure.
• Working knowledge of HBSS, SIEM tools, and network security monitoring.
• Experience writing SSPs, POA&Ms, and supporting ATO (Authorization to Operate) processes.
• Experience with Automation of system hardening via GPO, PowerShell, Ansible, Satellite.