Security Engineer

Leidos Airports, Borders, and Security is seeking a highly motivated Cybersecurity Engineer to support TSA on a nationwide program. The successful candidate will join an existing team supporting cloud-based infrastructure and devices deployed throughout the US and US Territories. The team is highly integrated, and the successful candidate will be expected to learn the existing architecture and provide support both during normal hours, after hour patching, and on call as needed. The individual will be expected to be able to work with minimal supervision and be self-directed in the areas of their responsibility.

In addition to responsibilities on program this candidate will provide their specialized knowledge to help push forward Transportation Security Administration (TSA) Modernization efforts. This role serves as a bridge between Leidos' innovative solutions and TSA's specific mission to protect the nation's transportation systems and ensure freedom of movement for people and commerce. As part of the team, the Security Engineer will design and implement network monitoring and identity management solutions, conduct threat modeling, and ensure compliance with security standards. The ideal candidate brings experience with security accreditation, vulnerability assessment, and hands-on technical implementation.

Primary Responsibilities:

• Administer and harden Cloud based environment.
• Administer and harden servers and workstations (e.g., RHEL, Windows) including OS configuration, patching, and security baseline enforcement.
• Administer and harden network appliances (e.g. VPN, SWG, NGFW) including configuration, patching, and security baseline enforcement.
• Generate compliance and vulnerability reports for leadership, auditors, and governance teams; track remediation progress and aging.
• Interpret technical vulnerabilities (CVEs, CVSS) and clearly communicate risk and remediation options to technical and non-technical stakeholders.
• Design, implement and maintain secure system architectures in accordance with organizational policies and industry best practices.
• Provide support for Active Directory and networking issues.
• Provide user support and training, managing system access, permissions, and issue resolution.
• Manage account creation, modification, and termination in compliance with security protocols.
• Implement/configure IT equipment per DISA STIGs and resolve compliance issues
• Run vulnerability and compliance scans and remediate findings
• Design and implement network monitoring and maintenance solutions
• Implement centralized account management for TSS Common Workstation (CW) users
• Create threat models for Leidos airport offerings and solutions
• Document and deliver any documentation that may be required to obtain Authorization to Operate (ATO) e.g., System Security Plan (SSP), Security Assessment Report (SAR), Contingency Plan, Network Ports, Protocols, and Services Management (PPSM)
• Resolve, track, and bring to closure Plan of Actions & Milestones (POA&M)

Basic Qualifications:

• Must be able to attain a suitability determination from TSA
• Demonstrated ability to work independently with minimal supervision
• Excellent problem-solving skills.
• Proficiency with common Agile practices, service-oriented environments, and better development practices
• Experience with networking ports and protocols, architecture of networked systems, functionality of various operating systems, cloud computing environments and common security tools.
• Experience in working collaboratively within a remote environment.
• Strong consulting, leading, and mentoring skills along with the ability to effectively communicate and collaborate with stakeholders at all levels.
• Broad knowledge of and experience with a wide variety of application technologies, platforms, and tools including security and infrastructure configuration and monitoring.
• Excellent written, verbal, and presentation communication skills.
• Demonstrated experience applying efficient task management and ability to adjust to changing requirements
• Excellent analytical and technical skills.
• Bachelor's Degree in Computer Science, Engineering, or a similar field or 10+ years relevant experience and associated certifications
• CISSP or Security + certification
• Experience working with government agency to obtain ATO for new IT services
• Experience enforcing DISA STIG security policies in Windows and Linux environments
• Familiarity with NIST Risk Management Framework (RMF)
• Familiarity with DISA STIGs and vulnerability scanning tools (e.g., Nessus, Nipper)

Preferred Qualifications:

• Experience implementing Endpoint Management Solutions (e.g., Trellix Endpoint Security, ePolicy Orchestrator)
• Experience with network monitoring solutions (e.g., PRTG)
• Experience with centralized Security Information and Event Management (SIEM) solutions (e.g., Splunk)
• Experience accrediting systems and obtaining ATO from TSA
• Familiarity with threat modeling tools (e.g., OWASP Threat Dragon, Microsoft Threat Modeling Tool)
• AWS Certification
• Familiarity with Red Hat Open Shift

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.

Original Posting:
February 26, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:
Pay Range $131,300.00 - $237,350.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.