Cybersecurity Engineer

Leidos•Bedford, MA

1d•Hybrid

About The Position

Leidos was awarded the U.S. Air Force Cloud One Architecture and Common Shared Services contract, and is currently seeking a Cybersecurity Engineer across AWS, Azure, Google, and Oracle clouds. This is an exciting opportunity to use your experience to modernize a leading, global-scale multi-cloud environment in support of a critical mission, supporting USAF system resiliency, security, and cost effectiveness. Location: This position will be hybrid remote. Candidates will be required to work onsite as needed. Preferred candidates will be located near Hanscom AFB (Bedford, MA). Primary Responsibilities: The Cybersecurity Engineer will perform cybersecurity authorization services, including acting as a point of contact cybersecurity authorization related aspects to the assigned information systems, ensuring systems are maintained per security policies and procedures and maintaining compliance and ongoing reporting to management.

Requirements

Bachelor’s degree with 4–8 years of relevant experience, or Master’s degree with 2–6 years of relevant experience. Additional years of experience may be considered in lieu of a degree.
Active Secret clearance at a minimum required to start.
US citizenship required
Certifications: CompTIA Security+ or equivalent (IAT-2)

Nice To Haves

Experience with USAF Cloud One or Platform 1
Experience with Zero Trust Architecture
Cloud certifications in AWS, Azure, Google, or Oracle clouds
Certifications: CISSP C1NACSS

Responsibilities

Design, deploy, configure, operate, and maintain authorizations and accreditation of the C1 Architecture for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure in NIPRNet and SIPRNet
Author, review, coordinate and submit cybersecurity authorization required artifacts to eMASS (including change requests) to achieve milestones such as Interim Authority to Test (IATT) and Authorization to Operate (ATO)
Support conducting cybersecurity authorization activities to comply with all current Cybersecurity and IA manuals, instructions, and guides within the DoDI 8500.01 and DON 5239.
Supply RMF-required authorization-related documentation and artifacts
Conduct routine Insider Threat Assessment and document results in the Contractor’s System Security Plan
Continuously monitor system resources through automated scanning and implement automated reporting feeds to support cybersecurity authorizations.
Verify patch compliance using the approved technical solution
Provide and execute a plan for vulnerability and compliance scanning
Implementation of security procedures, and verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code and other components.
Independently develop and maintain system security documentation, including drafting, reviewing, editing, and recommending guidance for Standard Operating Procedures (SOP), Tactics, Techniques, & Procedures (TTP), Plan of Action and Milestones (POA&M) and Federal Information Security Management Act (FISMA) Score Card.
Participate in regular briefings with the customer on cybersecurity status, including preparing briefing materials
Work closely with government Cyber & technical teams to support ATO conditions and requirements.
Prepare detailed technical documentation to support development and operational processes
Collaborate with team members and provide mentorship to junior staff, fostering a learning environment