Baltimore MD US
Medicaid Services (CMS) Continuous Diagnostic and Mitigation (CDM) initiative. This team is responsible for the installation, administration, and monitoring of a diverse suite of security tools within multiple datacenters, as well as incident response, investigations and audit support.
The engineer must work with different support teams, business process teams and program management teams to analyze the customer’s business goals, objectives, needs and general business environment to solve technical problems.
The position requires an individual with a record of success as a team member and motivator. Candidate must be a self-starter, a disciplined worker and have a professional reputation for integrity. The ability to adhere to the highest standards of ethics and professional conduct is an absolute must.
The current work environment is on-site at Leidos in Windsor Mill / Woodlawn, Maryland with potential for on-site work at CMS (in the same location). Telecommute opportunities are currently being evaluated and may become available based upon teams supported, work hours, and work performance.
A successful candidate will:
- Work in collaboration with CMS and their System Integrators to help lead the implementation of the various CDM security solutions across multiple CMS data centers.
- Facilitate cross-functional work groups across the organization to provide design/architectural reviews
- Lead root cause analysis teams
- Design and develop information security systems spanning IT operations, administration, monitoring and management, networks, infrastructures and datacenters.
- Oversee the planning and execution of technology operational changes, support enhancements, decommissions and maintenance to meet contractual needs
- Consult with appropriate management staff to clarify system and program requirements
- Lead cross-functional teams to develop proposals, basis of estimates and bill of materials. Responsible for ensuring completeness of proposal submission
- Provide technical design and engineering support, including documenting and diagramming the logical, physical, and process views to capture appropriate security controls and safeguards
- Lead security engineering definition of complete security solutions covering the lifecycle from early CONOPS, to requirements development, technical planning, system integration, analysis of alternatives, verification and validation, design, build, cost, deploy, and sustainment. Follow engineering lifecycle process for all projects from inception to implementation and operational handoff.
- Gather requirements and develop high-level and low-level designs, test artifacts, and configurations.
- Provide technical engineering guidance and support, and identify architectural and technical weaknesses, gaps, and areas for improvement with minimal direction
- Recommend processes, services, software, hardware, and other tools to support business objectives pertinent to infrastructure technologies
- Provide security engineering oversight through various mechanisms both open standard and proprietary and champion industry best practices.
- Provide hands-on technical and engineering support regarding the design, connectivity, and configuration of network infrastructure and unified communication infrastructure and operations
- Provide day-to-day support for initiatives by participating in reviews of significant technical design deliverables and supporting post-release problem management efforts in conjunction with other engineering leads
- Provide problem identification, escalation and resolution of system performance, hardware, software application, and security issues
- Demonstrated experience in an IP-based enterprise network environment as a security engineer, analyst, and/or technical specialist with proven WAN/LAN systems engineering, configuration, analysis, implementation, and troubleshooting skills.
- Demonstrated hands-on experience and proficiency with network and Security tools. Solid understanding of WAN/LANs, network operating systems, enterprise architectures, routing and transport protocols, and unified communications
- Experience evaluating security tools, technologies, and processes to best fit with existing practices. Develop and implement security monitoring and management technologies, procedures and KPIs using standard security tools used by data center hosting providers and cloud providers
- Subject matter expert in the Design and Engineering of secure environments and NIST SP800-53 controls as well as End User and Automation technologies
The candidate must be a self-starter, a disciplined worker and have a professional reputation for integrity. The ability to adhere to the highest standards of ethics and professional conduct is an absolute must. The position requires an individual with a record of success as a team member and motivator.
BS degree and 4 – 8 years of prior relevant experience. Experience may be substituted in lieu of degree.
- Experience designing and implementing secure environments
- Enterprise engineering with a strong background designing, deploying, and maintaining various security solutions in large distributed environments.
- Process/Procedure/SOP development
- Exposure to implementing security controls in support of Micro Segmentation, Micro Strategies, Virtual Data Center technologies, HA, application and data center mobility
- Experience developing large-scale data centers, infrastructures and networks
- Confidence and professionalism with the ability to present both technical and business concepts to professionals of any level
- Demonstrated experience supporting security initiatives in the design and implementation of converged network architecture and reference architectures; from business requirements gathering to technology rollout oversight and integration of multiple tools and technical documentation
- Experience with configuration management system
- Strong verbal/written communication, with ability to effectively interact with individuals at all levels of responsibility and authority; Must be able to prioritize, delegate and foster the development of high performance teams to lead/support an environment driven by customer service and team work; Strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously; Ability to participate in resource planning processes based on defined organizational plans
- Experience concurrently supporting Operations and Ongoing IT projects.
- Have supported or presented security technical solutions for approval to Engineering or Technical Review Board
- Experience with ForeScout CounterACT design, deployment and operations in a large enterprise environment, to include defining and creating CounterACT policies in accordance with customer’s business requirements; building and tuning Forescout policies to enable asset identification and reporting; ability to work on Forescout data exports into Splunk for accuracy and completeness.
- Experience working on the Department of Homeland Security’s CDM initiative
- 2+ years CSIRT experience
- Proven ability to troubleshoot complex security issues related to hardware, L3/L2 deployment, application behaviors and TCP stack
- Experience managing relationships with senior technical customers
- Strong understanding of Architectural Frameworks such as TOGAF, DODAF and IT management frameworks such as COBIT.
- Understanding of COTS integration and Software Development Methodologies
- Experience in R&D projects, innovation, and strategy
- Project Management skills/background
- Knowledge of one or more scripting languages, Python preferred
- Strong knowledge of various security tools and techniques
- Experience with system automation, specifically related to security controls verification and reporting. Automation a plus
- Experience with infrastructure and server operations; application infrastructure and standards; networking fundamentals; Virtualization Technologies (e.g. VMware, HyperV, KVM) and LAN/WAN/Firewall/VPN/Proxy network technologies
- Strong understanding of ITIL Service Management, Service Delivery
- Hands on experience with capacity and performance management, Release management, CMDB and System of Record (SOR), Service Now and Remedy system.
CISSP or other security related certification.
Security Architecture and Engineering
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018.
JBLeidos / An Equal Opportunity Employer