Information Systems Security Engineer
About the role
The Leidos Digital Group is seeking an Information Systems Security Engineer (ISSE) to support a high visibility, fast-paced program. The ISSE will assist with scheduling and running vulnerability scans using Tenable SecurityCenter/Nessus (ACAS) in classified and unclassified environments. They will review scan results to identify potential CAT I/II/III findings, false positives, and basic configuration issues. They will also identify hardening requirements and apply STIGs. The role involves supporting the remediation of high-priority vulnerabilities, maintaining data accuracy within ACAS, preparing basic vulnerability reports, and coordinating with various teams.
Responsibilities
- Help prepare basic vulnerability reports, compliance summaries, and metrics to support leadership briefings and inspection readiness (e.g., CCRI/CORA).
- Aid in maintaining asset groupings, scan zones, and credentialed scanning configurations as directed by senior analysts.
- Cook up plans to track remediation actions, Plans of Action and Milestones (POA&Ms), and exceptions in accordance with RMF guidance.
- Follow established procedures to validate DISA STIG checklists and work with team members to ensure secure system configurations.
Requirements
- Active DoD Secret clearance required.
- CompTIA Security+ CE or higher DoD 8570 IAT Level II certification.
- BS Degree and 4-8 years of cybersecurity or system administration experience, with at least 1 year of direct ACAS or Tenable experience.
- Working knowledge of DISA STIGs, vulnerability risk levels, and POA&M remediation strategies.
- Familiarity with NIST SP 800-53, RMF compliance, and Air Force cybersecurity policy (AFMAN 17-130).
- Strong attention to detail, documentation skills, and the ability to interpret technical vulnerability data.
Qualifications
- Experience supporting USAF, DISA, or other DoD mission systems.
- Familiarity with EvaluateSTIG, StigViewer, OpenSCAP, Nessus/ACAS, and prior involvement in CCRI/CORA preparation or vulnerability remediation campaigns.
- Ability to communicate risk-based recommendations to both technical and non-technical stakeholders.
- Understanding of automation tools/scripts (e.g., PowerShell, Nessus APIs) to support scan or report optimization.
Skills
- Expertise in DISA STIGs, vulnerability risk levels, and POA&M remediation strategies.
- Knowledge of NIST SP 800-53, RMF compliance, and Air Force cybersecurity policy (AFMAN 17-130).
- Strong attention to detail and documentation skills.
- Ability to interpret technical vulnerability data.
- Experience with automation tools/scripts (e.g., PowerShell, Nessus APIs).
Benefits
The position offers a competitive compensation package, health and wellness programs, income protection, paid leave, and retirement benefits. For more details, visit www.leidos.com/careers/pay-benefits.
Pay
The pay range for this position is $87,100.00 - $157,450.00. The actual salary will be determined based on internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Schedule
The schedule for this position is flexible and designed to accommodate the fast-paced nature of the program. Employees are expected to work standard business hours, but may be required to work additional hours as needed to meet project deadlines.