Cyber Engineer - Security Architecture & Engineering
The Civil Group of Leidos is seeking a UK-based Cyber Security Engineer who is a motivated self-starter who can work independently and as part of a dynamic fast paced team.
This is an exciting opportunity to join our Integrated Network Management Software team, where you will build tools and provide guidance that will help our product engineers effortlessly write code that keeps our customers’ information secure.
You will monitor cyber frameworks and maintain records conformity, define and implement Cyber Security policies and best practices within the product development team, as well as leading vulnerability activities such as "capture the flag".
To be considered for this position, you’ll need to have a wide ranging technical background and previous experience in all or some of the following areas:
Electrical power systems
ESSENTIAL DUTIES AND RESPONSIBILITES:
Defining security requirements and design solutions, providing guidance and direction related to security technologies.
Performing analysis on security collected data and test results
Identifying and implementing security design and preparing and maintaining engineering and security related documentation.
Defining and developing cybersecurity requirements, design, and architecture artifacts, strategy, plans, and policies.
Perform and/or provide guidance and oversight on vulnerability assessments
Collaborating with program and engineering disciplines and ensuring cybersecurity solution.
Conduct cybersecurity audits to ensure appropriate implementation and compliance of the security posture.
Define security development and test efforts implementation of security controls of networking devices, databases, operating systems, web interfaces and hardware and software components.
Conducting technical and nontechnical trade studies, analysis and reviews.
Manage priorities within sprints and be able to seamlessly shift between multiple tasks
Work with multiple scrum teams and implementation team
Effective communication with stakeholders and other key personals in the business whenever needed
Work with multiple teams based in different locations and time zones.
Collaborate closely with software developers and product engineers to ensure security principles are applied consistently throughout
Cross Functional Working
Continually build relationships with internal stakeholders to achieve the successful completion of projects
Health & Safety
Always follow and promote Group and Company policies and procedures
Ensure all Company equipment and personal PPE properly used
Fully Understand and always adhere to the Company’s Equality Policy at all times
All employees must conduct themselves in accordance with our Corporate Company Values and Business Ethics at all times
Minimum 5+ years of technical (hands-on) experience related to Information Assurance/Cybersecurity requirement determination, development, and implementation.
Familiarity with dynamic languages and modern web development frameworks such as C#, Rest API, Message Queues, etc.
Experience with security features and/or vulnerability of various operating systems as defined by NIST, DISA (STIGs) and ISO
Experience in security engineering involving various computer hardware and software operating system and application solutions in both a stand-alone and in LAN/WAN configurations.
Experience with IA vulnerability testing related network and system test tools (e.g. ACAS, Retina, Nessus, SCAP).
Experience working U.S. Government contract proposals as a cyber security subject matter expert.
Security related Network and Operating System certification or training.
Self-starter requiring limited direction and supervision.
Wide ranging technical background
Previous experience with Enterprise software solutions
A hands-on engineer who cares deeply about both the technological and social aspects of building a secure organization
Degree in Computer Science/Engineering, or equivalent expertise in commercial cyber security activities
Relevant security certifications (OSCP, CEH, GPEN, CISSP, etc.)