Cyber Security Engineer

Description

Job Description:

1901 Group currently has an opening for Security Engineer in its Blacksburg, VA office.

As a Security Engineer, you will perform duties such as review existing architectures to plan, deploy, and enhance secure solutions to protect the data within the environment. Review existing security documentation and processes to provide areas of improvement. Provide investigation and remediation support to mitigate security threats and incidents. Work with various teams to ensure best practices regarding information security are understood, implemented, documented as systems are migrated from different environments. Review multiple cloud environments for weaknesses and improvements needed. Work with the team to integrate the security toolset with other systems to automate functions for incident response. Ensure systems adhere to relevant secure benchmarks. Manage multiple security tools within multiple environments

Primary Responsibilities

• Work within the team and provide recommendations for enhancing processes, tune SIEM rules, and assist with reviewing security events for incident response.
• Support a wide range of security tools in a multi-tenant environment.
• Provide Continuous tuning of existing security tools used for monitoring and analysis of security events of interest.
• Create incidents and support the investigation of security incidents to not only mitigate the current threat but also prevent future occurrences.
• Create, review, and update applicable control implementation statements within System Security Plans (SSP) with supporting statements and evidence.
• Document and track status of all findings within the Plan of Action and Milestones (POA&M).
• Work closely with other teams to support the incident management process in the event of security incidents.
• Support customer and team requests for data and artifacts from solutions such as AntiVirus, SIEM, IR processes, tickets, and vulnerability scans.
• Stay up-to-date on the latest tools, techniques, and processes used by cyber criminals.
• Be an escalation point within the team and work closely with other analysts and engineers as required.
• Work with various teams to improve integration of services to the security toolset.

Basic Qualifications

• Must have a bachelor’s degree in Information Systems, Computer Science, Information Security, and 4+ of prior relevant experience.
• Must have at least 4 years of Cyber Security experience
• At least 3 years of experience deploying and managing Splunk infrastructure
• Must be able to obtain and maintain an agency security clearance prior to start
• Currently possess Security+
• Strong communication skills both written and verbal.

Preferred Qualifications

• Possess certifications such as CISSP, CEH, GCIA, or GCIH.
• Possess any of the following Splunk certifications: Splunk Enterprise Certified Admin, Splunk Cloud Certified Admin, or Splunk Enterprise Certified Architect.
• Strong understanding of best practices deploying and managing Splunk infrastructure.
• Experience managing Windows or Linux systems.
• Strong understanding of AWS & Azure Cloud Services.
• Experience utilizing Powershell or bash scripting to manage configurations on systems.

Pay Range:

Pay Range $78,000.00 - $120,000.00 - $162,000.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.