Information System Security Engineer – ISSE

Company: Leidos
Location: Woodlawn, MD, USA
Salary: $67600 – $122200
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Mid Level, Senior

Requirements

  • Bachelor’s degree and 3 years of experience, master’s degree and 1 year of experience, or 7+ years of experience in lieu of a degree.
  • Proven experience in information security, risk management, or a related area.
  • Strong understanding of security frameworks, protocols, and technologies.
  • Must be able to obtain and maintain a Public Trust. Contract requirement.

Responsibilities

  • Design and implement security architectures for information systems, ensuring compliance with NIST SP 800-53 and other relevant frameworks.
  • Develop, document, and enforce security policies, procedures, and standards to safeguard sensitive information.
  • Assist stakeholders with risk assessments and vulnerability analyses to identify potential security threats and weaknesses in systems and applications.
  • Analyze Splunk reports generated for system vulnerabilities.
  • Prepare and maintain security documentation, including System Security Plans (SSPs) and Risk Management Framework (RMF) documentation.
  • Collaborate with IT teams to integrate security measures into the system development life cycle (SDLC) and ensure secure configurations of hardware and software.
  • Monitor security events and incidents, responding to security breaches and conducting investigations as necessary.
  • Conduct stakeholder meetings independently to gather requirements, present findings, and provide updates on security initiatives.
  • Stay current with emerging security threats, trends, and technologies, and recommend improvements to security practices and tools.
  • Ensure compliance with federal regulatory bodies, including the Office of Management and Budget (OMB), National Institute of Standards and Technology (NIST), Federal Information Security Management Act of 2002 (FISMA), Federal Risk and Authorization Management Program (FedRAMP), and the Health Insurance Portability and Accountability Act (HIPAA).
  • Prepare reports and documentation related to security incidents, compliance audits, and risk assessments for management and stakeholders.

Preferred Qualifications

  • Security certifications (e.g., CISSP, CISM, CEH, CompTIA Security+).
  • Familiarity with cloud security practices and technologies.
  • Experience with incident response and forensic analysis.
  • Strong analytical and problem-solving skills.