Vacancy expired!
Description
Job Description: The Leidos Corporate Group has an immediate opening for an Endpoint Cyber Engineer to join our Cyber Information Security team. This position can be supported from Orlando - FL, Reston - VA, Gaithersburg - MD, or telework for the right internal candidate. You will join a Global Endpoint Security team of cyber leaders, engineers, and operations analysts responsible for: administration & maintenance, testing, design, and implementation of Leidos endpoint cyber defense solutions, initiatives, and the supporting hybrid infrastructures.As an Endpoint Cyber Engineer, you will focus on the design and implementation of industry leading cyber security products that support the cyber defense mission of a Fortune 500 organization. You will define, drive, and deliver major components of an overall endpoint security strategy. Additionally, you will provide guidance and support as needed to the Endpoint Cyber Operations team. This includes, but is not limited to, assisting with documentation of standard operating procedures (SOPs), knowledge transfers, training, etc. You will be expected to "think like an adversary" and provide engineering-centric input into every phase in the Cyber Defense development process from an endpoint cyber defense perspective. You will be the Subject Matter Expert in the architectural design and initial configuration of the Leidos next generation endpoint solutions. This includes an aggregate understanding of Leidos' corporate policies, common information security frameworks, and security best practices. Once understood, the focus will turn towards contributing to the technical innovation that will evolve Leidos' defensive capabilities and methodologies. Finally, you will evaluate systems with the goal of identifying and remediating existing gaps in vendor solutions and platform technologies as well as refining the established policies, processes, and procedures as it relates to the user experience with the software and configurations. Primary Responsibilities- Mentoring, coaching, and developing peers
- Ability to contribute to and work with a high performing team in a collaborative effort
- Experience in development & implementation of a Data Loss Prevention (DLP) program
- Being a Subject Matter Expert for endpoint security solutions (e.g., NextGen AV, Host Firewall, Privileged Rights Management, Application Allow Listing, Endpoint Detection and Response , etc.)
- Advanced knowledge of various security frameworks such as, but not limited to, security operations, incident investigations, incident response, threat hunting, vulnerability awareness and security configuration management
- Technical control testing, implementation & enforcement based on inputs received by the Leidos Cybersecurity Intelligence & Response Center (CSIRC), the Endpoint Cyber Engineering team, and other internal organizations, leaders, stakeholders where applicable
- Support change management tasking relative to the security policies associated with the endpoint security solutions and capabilities that you support
- Work closely with your manager to ensure tasks are executed on time
- Ensure documentation relative to the supported endpoint security products, procedures, services, etc., are written and centrally accessible
- Create and monitor reporting for compliance
- Ability to understand & troubleshoot complex situations and apply solutions successfully without reducing the security posture of the company
- Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals
- Being able to work as an individual or in a team collaborating in various product areas while maintaining a successful and secured environment
- Perform other tasks as assigned.
- Bachelor's degree and minimum 4 years of relevant experience, including 2 years in Cyber / Information Security field. Additional years of relevant experience and/or technology certifications may be considered in lieu of degree. This should include 2+ years of endpoint security experience.
- Experience designing & implementing endpoint security solutions (e.g., NextGen AV, Host Firewall, Privilege Management, Application Allow Listing, Endpoint Detection and Response , etc.) on a global enterprise scale.
- Hands on experience with solution design and implementation for endpoint security solutions
- Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non-technical audiences
- Must be able to weigh business needs against endpoint security concerns and articulate challenges to customers as well as leadership
- Ability to manage time and priorities with multiple tasks and projects
- Must have strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations
- Deep technical understanding of advanced threat detection in an enterprise environment, automated intelligence distribution methods, malware families, their types, and the threat they pose.
- Must have a fundamental understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support
- Eligible to obtain a DoD Secret Security Clearance
- US Citizenship is required
- Windows 10 security best practices and configurations
- Linux System Administration experience or experience with Linux OS hardening.
- Knowledge of Microsoft Active Directory
- Experience with cloud IaaS/PaaS solutions such as Microsoft Azure or Amazon AWS
- Proficiency with Microsoft Windows administrative & troubleshooting tools
- Demonstrated experience performing cybersecurity analysis from an endpoint engineering perspective
- Active DoD Secret or higher clearance
- Demonstrated knowledge of common information security management frameworks such as CMMC 1.0/2.0, ISO/IEC 27001, ITIL, COBIT and NIST and an understanding of relevant legal and regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard
- Functional understanding of scripting languages (Batch, Powershell, Python, VBScript, etc.)
- GIAC GCIA Certification or other cyber security certifications are a plus
- Experience with Splunk (preferred) or other SIEM platform
- Experience with Cloud-based information protection and cyber security
Vacancy expired!