Cyber Security Engineer

Description

Summary: Leidos is seeking a TS/SCI Cyber Security Engineer to design, develop, and implement secure systems, focusing on innovation and collaboration within a mission-focused team. Highlights: 1. Design, develop, and implement secure systems in on-premises infrastructure. 2. Collaborate with diverse teams on systems and cyber security engineering tasks. 3. Expand capabilities in security with challenging and exciting work. Apply Now Description Leidos has an exciting opening for you, our next TS/SCI Cyber Security Engineer working across several Task Orders under the DOMEX Technology Plform (DTP) contract supporting NMEC. Have impact as part of a mission focused, solutions oriented, and adaptive team th values innovion, collaborion, and professional development.  As a Cyber Security Engineer, your job will be to design, develop, and implement secure systems in on-premises infrastructure. You will leverage on your experience with security technologies and industry best practices to ensure th security is integred into system design, development, testing, and deployment and th all security requirements are compliant with the DoD Risk Management Framework. This exciting and challenging work will help you expand your capabilities in security and will provide you with the skills and experience you need to achieve additional levels of the DoD 8570 IAT and IASAE Certificions.  While most work is conducted on-site our client locion in Bethesda, MD, we offer a flexible schedule and, occasionally, some tasks may be performed remotely. Percentage of remote work will vary based on client requirements/deliverables. In this role, you will collabore closely with ISSOs, ISSSMs, software engineers, software developers, system engineers and Government counterparts to perform the full spectrum of systems and cyber security engineering tasks to ensure our systems meet a variety of regulory compliance frameworks.  Key Tasks include the following: Support the secure architecture, design, and implemention of DoD systems in accordance with DoDI 8510.01, NIST SP 800-53, and other DoD security guidance. Lead the integrion of RMF activities into the system development lifecycle (SDLC), including selecting, implementing, and validing security controls. Develop and maintain key security documention such as System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessments, and Plan of Action and Milestones (POA&Ms). Collabore with ISSOs, ISSMs, developers, and system owners to ensure systems are developed and maintained with approved security configurions. Apply Security Technical Implemention Guides (STIGs) to systems and valide compliance using tools such as SCAP, STIG Viewer, and ACAS. Maintain applicion, network, and dabase scanning infrastructure (applicion/product updes, dabase maintenance, benchmark/audit files, applicion/server builds, rule pack/content updes, scanner, or agent deployment etc.) Analyze vulnerability scans and ensure timely mitigion or acceptance of risks based on DoD policies. Provide technical input to support and maintain system authorizion. Participe in system reviews, architecture assessments, and engineering design reviews to embed cybersecurity from the outset. Develop and implement automion or security tools to improve the compliance and monitoring of systems. Support security incident response and forensics analysis in coordinion with ISSMs and Security points of contact. Requirements: BS degree and 8+ years of experience in cybersecurity. Additional relevant years of experience in lieu of degree is accepted. An active TS/SCI clearance with ability to obtain a Poly Have least one of the following DoD 8570.01-M IASAE Level II certificions: CISSP, CISSP-ISSAP, CISSP-ISSEP, CSSLP, or CASP+ CE. NOTE: the CISSP Associe is not acceptable Developer experience is preferred in a least one scripting / programming language. Experience with reviewing cybersecurity vulnerabilities for risk and relevance as well as in vulnerability mitigions/remediion planning, for identified systems, network, applicion and dabase vulnerabilities Ability to architect, design, troubleshoot, maintain, and deploy vulnerability scanning solutions such as (OWASP, Fortify, Sonarqube, Tenable, etc.) Experience with XACTA, EMass, or similar tool Strong in-depth understanding of including Microsoft Windows and Linux/UNIX opering systems Experience with middleware / web technologies (Apache, tomc, IIS, etc.) Experience with Dabases (Postgres, MS SQL, MySQL, ElasticSearch, etc.) Understanding of TCP/IP networking. Experience with Continuous Integrion and Continuous Delivery Plforms (Jenkins, Bamboo, GitlabCI TFS, etc.) Familiar with NIST 800-171, 800-172, NIST SSDF, and CMMC requirements. Experience with NIST Special Publicions e.g. NIST SP 800-27, 30, 37, 53, 60, 171, NIST SSDF, CMMC requirements, and CNSS publicion CNSSI 1253 Experience supporting DoD/IC systems through the entire Risk Management Framework Plus (RMF) process Experience establishing a System Security Engineering management process to integre security and privacy controls into complex hardware and software systems Experience developing and reviewing security concept of operions, systems security plans, security risk assessments, contingency plans, configurion management plans Experience with incident response plans, plan of actions and milestones, risk management plans, and vulnerability management plans Strong communicion skills; able to successfully communice with management personnel, technical personnel and third parties. You will wow us even more if you have these skills: Software development/coding experience with programming languages such as Python, Java, and React Successfully achieved ATO under RMF+ Experience with big da applicions Experience with tools for ticketing and documention (e.g., Gitlab, Jira, Confluence). Experience working in an Agile environment Experience with OIDC or Oauth2 Experience with any of the following technologies:Kubernetes, Rancher, Strimzi, or Cloudera Active Directory Scripting languages like bash, python, or PowerShell #NMECDTP-Leidos If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the stus quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already step 30 — and moving faster than anyone else dares. Original Posting: April 23, 2026 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipes th this job requisition will remain open for least 3 days with an anticiped close de of no earlier than 3 days after the original posting de as listed above. Pay Range: Pay Range $107,900.00 - $195,050.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compension or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, educion, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market da, applicable bargaining agreement (if any), or other law. About Leidos Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovions. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximely $16.7 billion for the fiscal year ended January 3, 2025. For more informion, visit www.Leidos.com. Pay and Benefits Pay and benefits are fundamental to any career decision. Th's why we craft compension packages th reflect the importance of the work we do for our customers. Employment benefits include competitive compension, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available www.leidos.com/careers/pay-benefits. Securing Your Da Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-reled informion during any part of the employment applicion process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communice with you through emails th are genered by the Leidos.com automed system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhsApp, Telegram, etc. If you received an email purporting to be from Leidos th asks for payment-reled informion or any other personal informion (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediely by emailing us LeidosCareersFraud@leidos.com. If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission. Commitment to Non-Discriminion All qualified applicants will receive considerion for employment without regard to sex, race, ethnicity, age, nional origin, citizenship, religion, physical or mental disability, medical condition, genetic informion, pregnancy, family structure, marital stus, ancestry, domestic partner stus, sexual oriention, gender identity or expression, veteran or military stus, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. Apply Now