Cybersecurity Specialist - Junior

Description

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.

If this sounds like the kind of environment where you can thrive, keep reading!

The Intel Security Sector delivers technology-enabled services and mission software capabilities for defense and intel customers in the areas of cyber, logistics, security operations, and decision analytics.

Your greatest work is ahead!

Job Description

This position will be located at one of our customer sites in Bethesda, MD; Reston, VA; or Joint Base Anacostia-Bolling, DC.

Leidos has an exciting opportunity for a Junior Cybersecurity Specialist in our Intel Security Sector's Analysis Solutions Business Area. The Junior Cybersecurity Specialist supports the organization's cybersecurity program by implementing and maintaining security operations at both tactical and operational levels. This role helps ensure that security controls are operating effectively across key areas including security logging, monitoring, alert management, incident response, vulnerability management, and configuration management.

The analyst will work closely with multidisciplinary teams-including Information Systems Security Engineers (ISSEs), Information Systems Security Managers (ISSMs), software developers, and systems engineers -to strengthen the security posture of mission systems. Throughout the DevSecOps lifecycle, the candidate will assist in developing, implementing, and maintaining robust security strategies that protect mission-critical systems, data, and infrastructure while ensuring compliance with organizational and federal cybersecurity requirements.

Are you ready for your next career challenge? Join a team committed to a Mission!

Responsibilities Include:

• Support the secure architecture, design, and implementation of DoD systems in accordance with DoDI 8510.01, NIST SP 800-53, and other DoD security guidance.
• Lead the integration of RMF activities into the system development lifecycle (SDLC), including selecting, implementing, and validating security controls.
• Develop and maintain key security documentation such as System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessments, and Plan of Action and Milestones (POA&Ms).
• Collaborate with ISSOs, ISSMs, developers, and system owners to ensure systems are developed and maintained with approved security configurations.
• Apply Security Technical Implementation Guides (STIGs) to systems and validate compliance using tools such as SCAP, STIG Viewer, and ACAS.
• Apply security patching.
• Maintain application, network, and database scanning infrastructure (application/product updates, database maintenance, benchmark/audit files, application/server builds, rule pack/content updates, scanner, or agent deployment etc.)
• Analyze vulnerability scans and ensure timely mitigation or acceptance of risks based on DoD policies.
• Provide technical input to support and maintain system authorization.
• Participate in system reviews, architecture assessments, and engineering design reviews to embed cybersecurity from the outset.
• Develop and implement automation or security tools to improve the compliance and monitoring of systems.
• Support security incident response and forensics analysis in coordination with ISSMs and Security points of contact.

Clearance Requirements:

• Active TS/SCI clearance with the ability to obtain and maintain TS/SCI with Polygraph.

Required Experience, Skills, and Education:

• Bachelors degree and less than 2 years of experience. Entry-levelCybersecurity experience including internships. Additional years of experience in lie of degree are accepted.
• Experience with reviewing cybersecurity vulnerabilities for risk and relevance as well as in vulnerability mitigations/remediation planning, for identified systems, network, application and database vulnerabilities and applying security patching.
• Active TS/SCI clearance with the ability to obtain and maintain TS/SCI with Polygraph.
• Due to the nature of the government contracts we support, US Citizenship is required.
• Understanding of Microsoft Windows and/or Linux/UNIX operating systems.
• Experience with middleware / web technologies (Apache, tomcat, IIS, etc.)
• Experience with Databases (Postgres, MS SQL, MySQL, ElasticSearch, etc.)
• Understanding of TCP/IP networking.
• Experience with Continuous Integration and Continuous Delivery Platforms (Jenkins, Bamboo, GitlabCI TFS, etc.)
• Familiar with NIST 800-171, 800-172, NIST SSDF, and CMMC requirements.
• Experience supporting DoD/IC systems through the entire Risk Management Framework Plus (RMF) process.
• Experience with System Security Engineering management processes to integrate security and privacy controls into complex hardware and software systems
• Experience developing and reviewing security concept of operations, systems security plans, security risk assessments, contingency plans, configuration management plans.
• Experience with incident response plans, plan of actions and milestones, risk management plans, and vulnerability management plans.
• Strong communication skills; able to successfully communicate with management personnel, technical personnel and third parties.

Preferred Experience, Skills, and Education:

• Bachelor's degree in Computer Science, Data Science, Engineering, Information Systems, or related technical discipline. An additional 4 years of experience may be substituted in lieu of degree.
• Three years of experience in the field with at least a portion of the experience within the last two years.
• Software development/coding experience with programming languages such as Python, Java, and React
• Successfully achieved ATO under RMF+
• Experience with big data applications
• Experience with tools for ticketing and documentation (e.g., Gitlab, Jira, Confluence).
• Experience working in an Agile environment
• Experience with OIDC or Oauth2

At Leidos, the opportunities are boundless. We challenge our staff with interesting assignments that provide them with an opportunity to thrive professionally and personally. For us, helping you grow your career is good business. We're excited to learn more about you.

#EWOKS

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

Securing Your Data

Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.