Security Infrastructure Engineer

Description

Looking for an opportunity to make an impact?

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our mission of “making the world safer, healthier, and more efficient” and our values— as one of the World’s Most Ethical Companies TM from 2018 to 2022— guide everything we do in business. We are recognized as one of leading employers in hiring military and veterans, with military veterans making up ~20% of our workforce.

Leidos Life represents our renewed commitment to putting our employees first with a focus on career, flexibility, and well-being. Leidos is a people company, plain and simple. The only way Leidos succeeds and continues to grow is if we grow together. Leaders and employees are encouraged to have ongoing career conversations that focus on uncovering interests, collaborating on actions, and seeking out “what’s next.” A variety of learning methods are offered, including on-the-job training, education, peer-to-peer learning, mentoring, and coaching. Internal mobility, where employees are supported to move within for growth and development, is fostered. We understand flexibility is at the heart of engagement, productivity, and frankly, life. Promoting flexible options where we can and providing choices in how, when, and where we work contributes to a better quality of life for all of us. We know our employees share in and take pride in our mission to make the world safer, healthier, and more efficient and need flexible options to deliver on that mission. We also take a 360 approach to well-being. Leidos offers a variety of resources to employees focusing holistically on mental health, financial wellness, and physical fitness. We’re in it for the long haul, growing to meet today’s challenges and preparing for the ones yet to come, and we want you there every step of the way.

Your greatest work is ahead!

Serve as a Security Infrastructure Engineer on the Army Information Advantage Enterprise (IAE) Security Infrastructure team. This position will lead deployment, configuration, testing, and evaluation of current and emerging cybersecurity technologies. This role will work very closely with the Security Infrastructure Technical Lead to implement best practices for system management as well as to drive innovation in support of IAE Defensive Cyber Operation’s mission-critical, defensive cyber operations.

If this sounds like the kind of environment where you can thrive, keep reading!

Leidos Defense Group provides a diverse portfolio of systems, solutions, and services covering land, sea, air, space, and cyberspace for customers worldwide. Solutions for Defense include enterprise and mission IT, large-scale intelligence systems, command and control, geospatial and data analytics, cybersecurity, logistics, training, and intelligence analysis and operations support. Our team is solving the world’s toughest security challenges for customers with “can’t fail” missions. To explore and learn more, click [Register to View] !

Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your resume with us today!

Primary Responsibilities

• Assist Security Infrastructure team in conducting daily maintenance and support activities.

• Provide expertise in addresses high-priority tasks and outages.

• Assist in creation and upkeep of network and elevation diagrams for all managed security equipment

• Conduct demonstrations, proof-of-concept and pilot deployments, and tests of potential equipment and upgrades.

• Conduct deployment, configurations, maintenance, patching, troubleshooting, and upgrades of cybersecurity infrastructure and capabilities

• Provide assistance to junior administrators, as needed.

• Provide recommendations to contractor and government leadership on ways to improve the security infrastructure

Basic Qualifications

• Must have an active Top Secret/SCI security clearance

• Bachelor's degree in a relevant field and minimum of 8+ years experience OR a Master's degree and at least 6 years of experience

• Must have certifications that satisfy DoD-8570 IAT Level II OR CSSP Infrastructure Support upon start

• Demonstrated experience with deploying, configuring, maintaining, patching, troubleshooting, and upgrading cybersecurity infrastructure and capabilities.

• Understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).

• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.

Preferred Qualifications

• CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.

• 4+ years of cybersecurity related experience

• 3+ years of technical experience deploying and maintaining cybersecurity tools, especially network defense capabilities

• Demonstrated knowledge of network traffic and communications, including known ports and services.

• Demonstrated experience with researching and fielding new and innovative technology

• Experience with automation and orchestration frameworks (ex. Ansible, Puppet, Chef)

• Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.

• Hands-on experience as a SOC analyst.

• Hands-on experience with the Windows and Linux operating system and their respective command line interfaces and scripting shells.)

• Windows and/or Linux or vendor agnostic Operating System Certification (e.g. RHCSA, Linux+, Server+)

• Proficient in Windows Server and Red Hat Linux operating systems

• Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, Full Packet Capture), and other attack artifacts in support of incident investigations.

• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. ArcSight, Splunk, Nitro/McAfee Enterprise Security Manager, QRadar, LogLogic).

• Experience and proficiency with any of the following: Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics.

• Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).

• Experience with malware analysis concepts and methods.

• Working knowledge of database and operating system security

• Experience using Microsoft Active Directory to manage group policy, computer and user objects

• Ability to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities

• Seek out information and data to evaluate, prioritize and formulate best solution or practice

• Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously; coordinating resources and ensuring scheduled goals are met

• Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.

• Ability to perform deep dive investigations from start to finish of a security incident using data from both host based and network based devices.

• Ability to forensically investigate both Windows and Linux devices for compromise.

• Ability to analyze malicious files through code analysis/reverse engineering.

• Ability to perform introspection of incident for after action reports to both technical and non-technical staff

• Exposure to handling classified incidents

• Understanding of offensive security (threat hunting and penetration testing)

• Understanding of SIEM and SOAR products

• Understanding of EDR technologies

• Scripting capabilities

• Strong analytical and troubleshooting skills.

• Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.

Clearance Required

• TS/SCI with the ability to obtain a CI Poly if hired

Army Cyber Command (Arcyber) Cyberspace Operations Support

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.