Information Systems Security Engineer

Leidos•Honolulu, HI

About The Position

Leidos is seeking a Cyber Security Engineer / Information Systems Security Engineer (ISSE) to support a high‑visibility, mission‑essential enterprise program. In this role, you’ll apply deep security engineering expertise to design, assess, and harden complex systems while guiding them through the full Risk Management Framework (RMF) lifecycle. If you thrive at the intersection of technical engineering, cybersecurity strategy, and accreditation excellence, this is where your impact will be felt immediately. You’ll collaborate with accreditation authorities, system owners, and engineering teams to ensure systems achieve and maintain Authorization to Operate (ATO) while meeting the highest security standards. As a senior security engineer, you’ll shape the security posture of mission‑critical applications and lead the engineering of RMF artifacts across a large‑scale enterprise environment. Your responsibilities include: Supporting mission‑critical applications through the full ATO lifecycle in alignment with customer security policies Leading security engineering efforts and contributing to system design with a focus on secure architecture Ensuring ATO packages adhere to RMF and DoD security guidelines by working closely with technical leads, developers, and system owners Providing expert ISSE guidance across engineering tasks and projects Defining system functions, information types, operating environments, and security requirements Producing security artifacts and evidence for RMF control validation Reviewing and tailoring security controls to ensure adequate protection Determining assurance measures to meet system assurance requirements Designing and implementing security controls and best practices, including Zero Trust Architecture Conducting A&A activities and coordinating with DAO representatives and security teams Creating and updating RMF documentation and artifacts in eMASS Reviewing system audit logs and taking corrective action when needed Performing security monitoring, audits, and control assessments using enterprise tool suites Delivering technical briefings and TEMs to communicate security concepts to non‑technical stakeholders Developing security assessment criteria to ensure development teams meet A&A requirements Ensuring compliance with encryption standards and secure communications Staying ahead of emerging security trends and technologies to support future mission needs Mentoring team members and supporting project execution across the security engineering team

Requirements

Active DoD TS/SCI clearance
Current DoD 8140‑compliant security certification; ability to obtain CE certification within 6 months
10+ years of experience in software engineering, system design, configuration management, integration testing, or information system engineering
5+ years of experience in system security analysis, secure system design, or protocol/interface standards
Experience with Assessment & Authorization (A&A) for multiple security applications
Experience preparing SSPs, risk assessments, SOPs, and contingency plans
Demonstrated experience creating and validating RMF security control evidence
Experience hardening Windows and Linux systems (ports, protocols, security groups, patching)
Working knowledge of RHEL 9 and Windows Server 2019/2022
Ability to work in an Agile environment using sprints and Jira boards
Experience applying Agile methodologies to security engineering workflows
Proficiency with enterprise scanning tools such as Tenable, Burp Suite, Defender for Endpoint, ACAS, ESS, and Tanium
Strong communication skills for both technical and non‑technical audiences
Ability to manage multiple tasks in a dynamic environment

Nice To Haves

Experience with Security Onion
Familiarity with back‑end security analysis tools such as Suricata, Yara, Sigma, Elasticsearch, Logstash, Kibana, Elastic Fleet, PCAP, OSquery, and Zeek
Experience with Splunk, Elasticsearch SIEM, and SOAR platforms

Responsibilities

Supporting mission‑critical applications through the full ATO lifecycle in alignment with customer security policies
Leading security engineering efforts and contributing to system design with a focus on secure architecture
Ensuring ATO packages adhere to RMF and DoD security guidelines by working closely with technical leads, developers, and system owners
Providing expert ISSE guidance across engineering tasks and projects
Defining system functions, information types, operating environments, and security requirements
Producing security artifacts and evidence for RMF control validation
Reviewing and tailoring security controls to ensure adequate protection
Determining assurance measures to meet system assurance requirements
Designing and implementing security controls and best practices, including Zero Trust Architecture
Conducting A&A activities and coordinating with DAO representatives and security teams
Creating and updating RMF documentation and artifacts in eMASS
Reviewing system audit logs and taking corrective action when needed
Performing security monitoring, audits, and control assessments using enterprise tool suites
Delivering technical briefings and TEMs to communicate security concepts to non‑technical stakeholders
Developing security assessment criteria to ensure development teams meet A&A requirements
Ensuring compliance with encryption standards and secure communications
Staying ahead of emerging security trends and technologies to support future mission needs
Mentoring team members and supporting project execution across the security engineering team