Cybersecurity Engineer

Description

Leidos is seeking a highly motivated Cybersecurity Engineer to support the Transportation Security Administration (TSA) on a nationwide program. This role offers an exciting opportunity to join a dedicated team that supports cloud-based infrastructure and devices deployed throughout the U.S. and U.S. Territories. The successful candidate will be integrated into the team, learning the existing architecture and providing support during normal hours, after-hour patching, and on-call as needed. We seek an independent thinker who can work with minimal supervision and take charge of their responsibilities.

Your specialized knowledge will play a crucial role in advancing the TSA's modernization efforts while ensuring the protection of the nation's transportation systems. You will design and implement network monitoring and identity management solutions, conduct threat modeling, and ensure compliance with security standards. Ideal candidates will possess experience with security accreditation, vulnerability assessments, and hands-on technical implementation.

Primary Responsibilities: • Administer and harden cloud-based environments. • Manage and secure servers and workstations (e.g., RHEL, Windows) including OS configuration, patching, and enforcing security baselines. • Oversee network appliances (e.g., VPN, SWG, NGFW) with a focus on configuration, patching, and compliance. • Generate compliance and vulnerability reports for leadership, auditors, and governance teams; track remediation progress. • Clearly communicate technical vulnerabilities (CVEs, CVSS) and remediation options to both technical and non-technical stakeholders. • Design, implement, and maintain secure system architectures in line with organizational policies and best practices. • Provide support for Active Directory and networking issues. • Assist users by managing system access, permissions, and resolving issues. • Manage account creation, modification, and termination according to security protocols. • Implement IT equipment configuration per DISA STIGs and resolve compliance issues. • Run vulnerability and compliance scans, addressing findings promptly. • Develop and implement network monitoring and maintenance solutions. • Create centralized account management for TSS Common Workstation users. • Document necessary protocols to obtain Authorization to Operate (ATO) including System Security Plans, Security Assessment Reports, and Contingency Plans. • Resolve, track, and bring closure to Plans of Actions & Milestones (POA&M).

Basic Qualifications: • Must be a U.S. Citizen. • Must be able to obtain a suitability determination from TSA. • Demonstrated ability to work independently with minimal supervision. • Excellent problem-solving skills. • Proficiency in Agile practices, service-oriented environments, and enhanced development processes. • Experience with networking ports, protocols, and architecture across operating systems, cloud computing environments, and common security tools. • Adept at collaborative work within a remote environment. • Strong consulting, leadership, and mentoring skills with excellent communication and collaboration capabilities. • Broad knowledge of diverse application technologies, platforms, and tools including security and infrastructure configuration and monitoring. • Excellent written, verbal, and presentation skills. • Demonstrated task management experience and adaptability to changing requirements. • Solid analytical and technical skills. • Bachelor's Degree in Computer Science, Engineering, or a related field; or 10+ years of relevant experience with associated certifications. • CISSP or Security+ certification is required. • Experience working with government agencies to obtain ATO for new IT services. • Experience enforcing DISA STIG security policies in Windows and Linux environments. • Familiarity with NIST Risk Management Framework (RMF). • Knowledge of DISA STIGs and vulnerability scanning tools (e.g., Nessus, Nipper).

Preferred Qualifications: • Experience implementing Endpoint Management Solutions (e.g., Trellix Endpoint Security, ePolicy Orchestrator). • Experience with network monitoring solutions (e.g., PRTG). • Familiarity with centralized Security Information and Event Management (SIEM) solutions (e.g., Splunk). • Experience in accrediting systems and securing ATO from TSA. • Familiarity with threat modeling tools (e.g., OWASP Threat Dragon, Microsoft Threat Modeling Tool). • AWS Certification is a plus. • Familiarity with Red Hat Open Shift is advantageous.

If you are not looking for comfort but for a pioneering challenge, join us at Leidos. We are not just hiring followers—we are recruiting innovators who disrupt, provoke, and refuse to fail. Be part of a team that is always moving forward and redefining limits.