Description

🚀 Cyber Security Engineer / ISSE – Lead Security Engineering for Mission‑Critical Systems

Leidos is seeking a Cyber Security Engineer / Information Systems Security Engineer (ISSE) to support a high‑visibility, mission‑essential enterprise program. In this role, you’ll apply deep security engineering expertise to design, assess, and harden complex systems while guiding them through the full Risk Management Framework (RMF) lifecycle. If you thrive at the intersection of technical engineering, cybersecurity strategy, and accreditation excellence, this is where your impact will be felt immediately.

You’ll collaborate with accreditation authorities, system owners, and engineering teams to ensure systems achieve and maintain Authorization to Operate (ATO) while meeting the highest security standards.

🌐 What You’ll Do

As a senior security engineer, you’ll shape the security posture of mission‑critical applications and lead the engineering of RMF artifacts across a large‑scale enterprise environment.

Your responsibilities include:

• Supporting mission‑critical applications through the full ATO lifecycle in alignment with customer security policies

• Leading security engineering efforts and contributing to system design with a focus on secure architecture

• Ensuring ATO packages adhere to RMF and DoD security guidelines by working closely with technical leads, developers, and system owners

• Providing expert ISSE guidance across engineering tasks and projects

• Defining system functions, information types, operating environments, and security requirements

• Producing security artifacts and evidence for RMF control validation

• Reviewing and tailoring security controls to ensure adequate protection

• Determining assurance measures to meet system assurance requirements

• Designing and implementing security controls and best practices, including Zero Trust Architecture

• Conducting A&A activities and coordinating with DAO representatives and security teams

• Creating and updating RMF documentation and artifacts in eMASS

• Reviewing system audit logs and taking corrective action when needed

• Performing security monitoring, audits, and control assessments using enterprise tool suites

• Delivering technical briefings and TEMs to communicate security concepts to non‑technical stakeholders

• Developing security assessment criteria to ensure development teams meet A&A requirements

• Ensuring compliance with encryption standards and secure communications

• Staying ahead of emerging security trends and technologies to support future mission needs

• Mentoring team members and supporting project execution across the security engineering team

🎯 Required Qualifications & Skills

You bring deep technical expertise, strong security engineering instincts, and the ability to lead complex accreditation efforts.

• Active DoD TS/SCI clearance

• Current DoD 8140‑compliant security certification</b>; ability to obtain CE certification within 6 months

• 10+ years of experience in software engineering, system design, configuration management, integration testing, or information system engineering

• 5+ years of experience in system security analysis, secure system design, or protocol/interface standards

• Experience with Assessment & Authorization (A&A) for multiple security applications

• Experience preparing SSPs, risk assessments, SOPs, and contingency plans

• Demonstrated experience creating and validating RMF security control evidence

• Experience hardening Windows and Linux systems (ports, protocols, security groups, patching)

• Working knowledge of RHEL 9 and Windows Server 2019/2022

• Ability to work in an Agile environment using sprints and Jira boards

• Experience applying Agile methodologies to security engineering workflows

• Proficiency with enterprise scanning tools such as Tenable, Burp Suite, Defender for Endpoint, ACAS, ESS, and Tanium

• Strong communication skills for both technical and non‑technical audiences

• Ability to manage multiple tasks in a dynamic environment