Overview
Leidos is seeking a Cyber Security Engineer with an extensive background as an infrastructure engineer, coupled with proven skills in coding. This role is designed for an individual who is keen on leveraging their technical expertise to fortify the security framework within a dynamic environment. The role will lead initiatives to integrate security at every phase of the development lifecycle, ensuring the robustness and compliance of our applications and infrastructure. In this role, you will work across both the infrastructure and security spaces, reporting to the System Technical Lead and the Cyber Security Engineering Lead.
Responsibilities
* Infrastructure hardening/maintenance/engineering
* Support COTS Application Updates: ensure compatibility and security for Commercial Off-The-Shelf (COTS) applications
* Vulnerability Scanning: conduct regular assessments of environments to identify vulnerabilities
* Security Definition Updates: manage and update security definitions across platforms
* Vulnerability Analysis: analyse vulnerability assessment reports and implement changes
* Security Daily Checks: perform daily checks of security components for operational integrity
* System Health Checks: conduct daily system health checks to ensure servers function optimally
* Capacity Checks & Reporting: monitor local system capacity and report; suggest improvements
* Patching: support application patching to resolve security issues and enhance performance
* Log Management: oversee log archiving and deletion to maintain a streamlined system
* Account Management: update local admin passwords and manage account policies
* Resource and System Monitoring: implement and manage monitoring tools and practices
* Backup Management: ensure local server backups are conducted regularly and effectively
* Documentation and SOPs: review and update engineering and design documents and SOPs periodically
* Reboots and Preventative Maintenance: schedule and execute server and application reboots as preventive maintenance
* Platform Health Check: perform full audits of technologies for interoperability and patch compliance
* PKI and Secrets Management: oversee daily checks of Public Key Infrastructure and manage secrets lifecycle
* Vulnerability Assessment: execute comprehensive vulnerability scanning on all applications and lead analysis/triage
* Code Review: review code for potential security issues prior to production releases
Qualifications
* Experience in infrastructure hardening/maintenance/engineering
* Experience in one or more: Microsoft, Linux/Unix, Virtualisation (VMware), Endpoint Security (e.g. Symantec, Trellix), Network Security (Firewalls), Vulnerability Scanning, Code Analysis (Java, PowerShell)
* Experience in delivery and proposal environments
* Experience in MOD or Home Office project environments
* Proven track record as a 3rd line infrastructure engineer
* Strong automation and process development experience
* Working knowledge of SecDevOps tools and methodologies
* Excellent analytical and problem-solving skills
* Strong communication and documentation abilities
* Hands-on experience with SIEM solutions (e.g. Splunk, ArcSight, LogRhythm)
* Experience communicating with leadership and presenting in security working groups
* Ability to develop and communicate reports to meet defined objectives
* Commercial awareness and project discipline
Benefits
* Contributory Pension Scheme
* Private Medical Insurance
* 33 days Annual Leave (including public and privilege holidays)
* Flexible benefits (life assurance, health schemes, gym memberships, annual buy/sell holidays, cycle to work)
* Flexi-time benefits