Cybersecurity Engineer SME

Leidos
Bethesda, MD
Job Description
Role Overview

The Cybersecurity Engineer SME is responsible for protecting the customer’s information systems, networks, and infrastructure from cyber threats and vulnerabilities. This role supports the design, implementation, and maintenance of security controls that safeguard mission systems and ensure compliance with applicable cybersecurity policies, standards, and regulatory frameworks.

What You Will Do

Plan, implement, manage, monitor, and upgrade security controls and tools used to protect enterprise systems and networks, while identifying opportunities to automate repeatable operations tasks. Design, configure, implement, troubleshoot, and maintain security technologies such as firewalls, endpoint protection tools, and SIEM platforms.

Why It Might Be a Fit

The candidate will work closely with Information Systems Security Engineers, Information Systems Security Managers, software developers, systems engineers, and government stakeholders throughout the DevSecOps lifecycle. The role requires experience with Security Information and Event Management (SIEM) tools, endpoint and network security technologies, and cybersecurity event logs.

Requirements

  • Experience implementing and managing Security Information and Event Management (SIEM) tools such as Splunk or similar platforms.
  • Experience working with endpoint and network security technologies, including IDS/IPS, HBSS/Trellix, and related defensive security tools.
  • Experience reviewing and analyzing cybersecurity event logs to identify indicators of compromise or suspicious activity.
  • Experience supporting incident response plans, vulnerability management programs, risk management plans, and Plans of Action and Milestones (POA&Ms).
  • Experience conducting or supporting technical cybersecurity assessments and security audits.
  • Experience identifying system vulnerabilities and instances of non-compliance with cybersecurity standards and regulatory requirements.
  • Experience collaborating with DevSecOps teams to review vulnerability scan results and support remediation of findings.
  • Experience supporting the Risk Management Framework (RMF) authorization process by reviewing security documentation and providing risk-based recommendations to stakeholders regarding system risk posture as part of Authority to Operate (ATO) activities.
  • Experience applying system security engineering principles in areas such as system security design, lifecycle engineering, authentication and authorization mechanisms, cryptography, intrusion detection, contingency planning, incident handling, auditing, configuration management, and change control.
  • Professional cybersecurity certifications such as Security+, CISSP, CySA+, CEH, or GCIH.

Benefits

  • Paid Time Off
  • 11 paid Holidays
  • 401K with a 6% company match and immediate vesting
  • Flexible Schedules
  • Discounted Stock Purchase Plans
  • Technical Upskilling
  • Education and Training Support
  • Parental Paid Leave
]]>