Job Description Description Cyber Security EngineerLocation: Farnborough, UK Looking for an opportunity to make animpact?.. Role Overview: Everything we do is built on a commitmentto do the right thing for our customers, our people and ourcommunity. Our mission and our values guide the way we do business.The foundation of our Leidos culture is our Values, Beliefs andExpectations by which we select, recognise and reward employees.They create the environment that drives us toward our mission.Inspired to make a difference, we are committed to solving theworld’s toughest problems. Passionate about customer success bybeing determined to understand and respond to our customers’ needsas if they were our own. United as a team, we are bound together byour conviction that ethics and integrity is core to how we operate.Because of a key strategic development and a new exciting businessopportunity, we have a requirement for a security-cleared CyberSecurity Engineer based in the UK working at our Farnborough siteand remotely. Leidos has more than 30 years’ experience ofdeveloping and running some of the largest government systems inthe world. We are currently hiring to expand our UK based technicalteam who support our delivery for the UK Govt. Come join our teamand further develop your skills as we deliver and support systemskey to the defence of the UK and partner nations. Being part of theLeidos team is a commitment to push yourself and those around youto do better, constantly adapt and learn new technologies. We’re apassionate team and are committed to developing and growing ourstaff. Leidos is a global science and technology solutions leaderworking to solve the world's toughest challenges in the defence,intelligence, homeland security, civil, and health markets. Thecompany's 33,000 employees support vital missions for governmentand commercial customers. What Will You Be Doing? As a result ofsome exciting programme wins, we currently have a permanent vacancyfor a Cyber Security Engineer to support the development andtransition into live of a new IT application and infrastructuresolution providing support to a critical operational end user.Leidos is seeking an enthusiastic protective security specialist tolead the implementation and assurance of security within a keydefence project. The incumbent will possess specialist skills inall areas of protective and information security and havedemonstrable experience of applying security frameworks such asGovernment Functional Standard 007. You will be joining a team ofhighly skilled and highly motivated individuals who are working onone of the UKs leading programmes. Required Skills: The CyberSecurity Engineer plays a crucial role in protecting THOR ITinfrastructure by using a blend of technical expertise andstrategic planning to ensure that the digital infrastructureremains secure from various types of attacks and vulnerabilities.You will be responsible for planning and implementing appropriatesecurity controls to ensure that the information within THOR iskept secure. Key functions/outputs: 1. Vulnerability Scanning &Reporting 2. Endpoint Security 3. Incident Management & Tickets4. System Hardening 5. Change Work 6. Participation in RegularMeetings 7. Documentation Main Objectives: Vulnerability Scanning& Reporting Perform regular vulnerability scans and generatereports utilising the below tool sets or similar. The processshould be focused on ensuring that the below tool sets are kept upto date and ensure that scans are performed regularly to helpassist the Vulnerability and Patch Manager with identifyingweaknesses in the system. - Code Scans: perform regular code scansto audit code quality metrics, potential bugs, and securityvulnerabilities. - Vulnerability Management Tooling: performregular Vulnerability Management Scans and ensure that thewarehouse and plugins are kept up to date to capture newvulnerabilities. - Reporting: assist the Vulnerability and PatchManager with generating regular vulnerability management reports,which are to be provided to the THOR cyber security and IA lead.Endpoint Security: - Endpoint Protection: perform regular updatesto Endpoints to ensure the latest packages are applied and policiesare amended to keep up to date with new and emerging threats. -Antivirus and Anti-malware Protection: perform compliance checks toensure that antivirus and anti-malware protection is deployedsuccessfully and being kept up to date by the relevant team. -Network Controls: perform compliance checks and regular audits ofnetwork controls (i.e. firewall rules) to ensure that unauthorisedaccess and threats are being blocked. - Access Control: ensuringthat access controls have been implemented correctly to only allowauthorised users to gain access to certain data and systems.Incident Management & Tickets: - Incident Identification: helpto recognise and confirm potential incidents through alerts, logsand user reports. This includes distinguishing between true threatsand false positives. - Incident Response: respond to potentialsecurity breaches or cyber-attacks. The main effort should focus oncontainment, mitigating the damage, investigation of the root causeof the incident and restoring to normal operations. - TicketRequests: respond to and resolve any tickets raised to the LeidosSecurity group on SD+ that require Cyber Security Engineeringinput. System Hardening: - Patch Updates to Security Products:ensure that the security tool sets are kept up to date with regularsecurity patches and software updates to fix vulnerabilities andimprove system security. - System Compliance: perform regularsystem compliance audits and updates to ensure that the systems arecompliant with industry best practices. This includes CIS, STIG,NIST etc. - Security Enforcing Function Configuration: Assist inthe design, reviews and updates to security enforcing functions(i.e. GPOs or System Policies) and system controls to ensure thatthey are compliant and fit for purpose. - VulnerabilityAssessments: conduct periodic assessments to identify and addresspotential vulnerabilities. Change Work: - Security Impact TriageTool (SITT): Assist in evaluation and impact assessment of systemchange to security posture of the environments. - SecurityEvaluation, Testing and Assurance (ST&V): perform Security,Evaluation, Testing and Assurance activities for any new changesthat are planned in as part of PI Planning. Participation inRegular Meetings: Cyber Security Engineers are expected to lead orattend numerous meetings that require their input. This may includethe following depending on work activity. - Security Working Group(SWG - Vulnerability Triage - Security Workshop - PI Planning -Daily Standups (Blue/Green Team) Documentation: Cyber SecurityEngineers are responsible for creating, maintaining and reviewingdetailed documentation. This includes High-Level & Low-LevelDesigns (HLD/LLD), Standard Operating Procedures (SOP) andcompliance reports, and other ad-hoc security documentation, etc.Clearance Requirements: - Clearance to Start SC - Clearance forRole DV Intrigued? We’d love to hear from you... What we do foryou: At Leidos we are PASSIONATE about customer success, UNITED asa team and INSPIRED to make a difference. We offer meaningful andengaging careers, a collaborative culture, and support for yourcareer goals, all while nurturing a healthy work-life balance. Weprovide an employment package that attracts, develops and retainsonly the best in talent. Our reward scheme includes: • ContributoryPension Scheme • Private Medical Insurance • 33 days Annual Leave(including public and privilege holidays) • Access to Flexiblebenefits (including life assurance, health schemes, gymmemberships, annual buy and sell holidays and a cycle to workscheme) • Dynamic Working Commitment to Diversity: We welcomeapplications from every part of the community and are committed toa truly diverse and inclusive culture. We foster a sense ofbelonging, welcoming all perspectives and contributions, andproviding equal access to opportunities and resources for everyone.If you have a disability or need any reasonable adjustments duringthe application and selection stages please let us know, and wewill respond in a way that best fits your needs. Who We Are: LeidosUK & EUROPE – we work to make the world safer, healthier, andmore efficient through technology, engineering and science. Leidosis a growing company delivering innovative technology and solutionsfocused on safeguarding critical capabilities and transformation infrontline services, our work in the United Kingdom includesaddressing some of the most complex problems in defence,healthcare, government, safety and security, and transportation.What Makes Us Different: Purpose: you can use your passion andabilities at Leidos to keep the people you care about safe. We areat the forefront of machine learning, AI, cyber security andsolutions. Using your skills in the technology frontline by helpingto build a safer world. You can inspire change. Collaboration:having flexibility to do your job is one of our core benefits,enabling you to become part of our extraordinary team. We have beenempowering our people to work flexibly for years. Whether you workfrom home, the office or on customer sites, we will give you thedigital tools and the flexibility to work smarter and align yourneeds and ours. People: Leidos empowers people from everybackground to be themselves and gives you the tools to learn newskills by enabling growth whilst developing. We believe thatextraordinary people need opportunities to grow, to be inspired andto inspire others. At Leidos, we invest in technical academies,career rotations and a career development plans that enhance yourfuture. Original Posting Date:2024-11-11 While subject to changebased on business needs, Leidos reasonably anticipates that thisjob requisition will remain open for at least 3 days with ananticipated close date of no earlier than 3 days after the originalposting date as listed above. Pay Range: The Leidos pay range forthis job level is a general guideline only and not a guarantee ofcompensation or salary. Additional factors considered in extendingan offer include (but are not limited to) responsibilities of thejob, education, experience, knowledge, skills, and abilities, aswell as internal equity, alignment with market data, applicablebargaining agreement (if any), or other law.