Cyber Security Engineer
Company: Leidos
Location: Bethesda
Posted on: April 2, 2026
|
|
|
Job Description:
Leidos has an exciting opening for you, our next TS/SCI Cyber
Security Engineer working across several Task Orders under the
DOMEX Technology Platform (DTP) contract supporting NMEC. Have
impact as part of a mission focused, solutions oriented, and
adaptive team that values innovation, collaboration, and
professional development. As a Cyber Security Engineer, your job
will be to design, develop, and implement secure systems in
on-premises infrastructure. You will leverage on your experience
with security technologies and industry best practices to ensure
that security is integrated into system design, development,
testing, and deployment and that all security requirements are
compliant with the DoD Risk Management Framework. This exciting and
challenging work will help you expand your capabilities in security
and will provide you with the skills and experience you need to
achieve additional levels of the DoD 8570 IAT and IASAE
Certifications. While most work is conducted on-site at our client
location in Bethesda, MD, we offer a flexible schedule and,
occasionally, some tasks may be performed remotely. Percentage of
remote work will vary based on client requirements/deliverables. In
this role, you will collaborate closely with ISSOs, ISSSMs,
software engineers, software developers, system engineers and
Government counterparts to perform the full spectrum of systems and
cyber security engineering tasks to ensure our systems meet a
variety of regulatory compliance frameworks. Key Tasks include the
following: Support the secure architecture, design, and
implementation of DoD systems in accordance with DoDI 8510.01, NIST
SP 800-53, and other DoD security guidance. Lead the integration of
RMF activities into the system development lifecycle (SDLC),
including selecting, implementing, and validating security
controls. Develop and maintain key security documentation such as
System Security Plans (SSPs), Security Assessment Reports (SARs),
Risk Assessments, and Plan of Action and Milestones (POA&Ms).
Collaborate with ISSOs, ISSMs, developers, and system owners to
ensure systems are developed and maintained with approved security
configurations. Apply Security Technical Implementation Guides
(STIGs) to systems and validate compliance using tools such as
SCAP, STIG Viewer, and ACAS. Maintain application, network, and
database scanning infrastructure (application/product updates,
database maintenance, benchmark/audit files, application/server
builds, rule pack/content updates, scanner, or agent deployment
etc.) Analyze vulnerability scans and ensure timely mitigation or
acceptance of risks based on DoD policies. Provide technical input
to support and maintain system authorization. Participate in system
reviews, architecture assessments, and engineering design reviews
to embed cybersecurity from the outset. Develop and implement
automation or security tools to improve the compliance and
monitoring of systems. Support security incident response and
forensics analysis in coordination with ISSMs and Security points
of contact. Requirements: BS degree and 8 years of experience in
cybersecurity. Additional relevant years of experience in lieu of
degree is accepted. An active TS/SCI clearance with ability to
obtain a Poly Have at least one of the following DoD 8570.01-M
IASAE Level II certifications: CISSP, CISSP-ISSAP, CISSP-ISSEP,
CSSLP, or CASP CE. NOTE: the CISSP Associate is not acceptable
Developer experience is preferred in a least one scripting /
programming language. Experience with reviewing cybersecurity
vulnerabilities for risk and relevance as well as in vulnerability
mitigations/remediation planning, for identified systems, network,
application and database vulnerabilities Ability to architect,
design, troubleshoot, maintain, and deploy vulnerability scanning
solutions such as (OWASP, Fortify, Sonarqube, Tenable, etc.)
Experience with XACTA, EMass, or similar tool Strong in-depth
understanding of including Microsoft Windows and Linux/UNIX
operating systems Experience with middleware / web technologies
(Apache, tomcat, IIS, etc.) Experience with Databases (Postgres, MS
SQL, MySQL, ElasticSearch, etc.) Understanding of TCP/IP
networking. Experience with Continuous Integration and Continuous
Delivery Platforms (Jenkins, Bamboo, GitlabCI TFS, etc.) Familiar
with NIST 800-171, 800-172, NIST SSDF, and CMMC requirements.
Experience with NIST Special Publications e.g. NIST SP 800-27, 30,
37, 53, 60, 171, NIST SSDF, CMMC requirements, and CNSS publication
CNSSI 1253 Experience supporting DoD/IC systems through the entire
Risk Management Framework Plus (RMF) process Experience
establishing a System Security Engineering management process to
integrate security and privacy controls into complex hardware and
software systems Experience developing and reviewing security
concept of operations, systems security plans, security risk
assessments, contingency plans, configuration management plans
Experience with incident response plans, plan of actions and
milestones, risk management plans, and vulnerability management
plans Strong communication skills; able to successfully communicate
with management personnel, technical personnel and third parties.
You will wow us even more if you have these skills: Software
development/coding experience with programming languages such as
Python, Java, and React Successfully achieved ATO under RMF
Experience with big data applications Experience with tools for
ticketing and documentation (e.g., Gitlab, Jira, Confluence).
Experience working in an Agile environment Experience with OIDC or
Oauth2 Experience with any of the following technologies:
Kubernetes, Rancher, Strimzi, or Cloudera Active Directory
Scripting languages like bash, python, or PowerShell NMECDTP-Leidos
If you're looking for comfort, keep scrolling. At Leidos, we
outthink, outbuild, and outpace the status quo — because the
mission demands it. We're not hiring followers. We're recruiting
the ones who disrupt, provoke, and refuse to fail. Step 10 is
ancient history. We're already at step 30 — and moving faster than
anyone else dares. Original Posting: March 26, 2026 For U.S.
Positions: While subject to change based on business needs, Leidos
reasonably anticipates that this job requisition will remain open
for at least 3 days with an anticipated close date of no earlier
than 3 days after the original posting date as listed above. Pay
Range: Pay Range $107,900.00 - $195,050.00 The Leidos pay range for
this job level is a general guideline only and not a guarantee of
compensation or salary. Additional factors considered in extending
an offer include (but are not limited to) responsibilities of the
job, education, experience, knowledge, skills, and abilities, as
well as internal equity, alignment with market data, applicable
bargaining agreement (if any), or other law.
Keywords: Leidos, Columbia , Cyber Security Engineer, IT / Software / Systems , Bethesda, Maryland
