Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.Leidos has an immediate need for a Lead Software Assurance (SA)
Security Engineer to join our CBP Team.
The Lead SA Security Engineer will be responsible for the
Analyze user needs and software requirements to determine
feasibility of design and within time and cost constraints.
Apply coding and testing standards, security testing tools, threat
modeling and conduct code reviews.
Conduct trial runs of programs and software applications to ensure
the desired information is produced and instructions are correct. Identify common coding flaws.
Identify security issues around steady state operation and
management of software.
Incorporate security measures that must be taken when a product
reaches end of life.
Perform integrated quality assurance testing for security
functionality and resiliency attacks.
Perform secure programming and identify potential flaws in codes
to mitigate vulnerabilities.
Recognize security implications in the software acceptance phase,
including completion criteria, risk acceptance, and documentation, common
criteria and methods of independent testing.
Perform penetration testing as required for new or updated
Apply defense functions (ie: encryption, access control, identity
management) to reduce exploitation opportunities of supply chain
Apply comprehensive knowledge of Information Security issues to
include cloud technology, internet servers, web-enabled database application,
network security, security engineering, data integrity, intrusion detection,
firewalls management, forensic and legal information security, virtual private
networks, public key/infrastructure/digital signature, encryption, network
security architecture and DHS Policy.
Required Skills and Education: BS degree in Science, Technology, Engineering, Math or related field and 12 - 15 years of prior relevant experience with a focus on cyber security or Masters with 10 - 13 years of prior relevant experience. Must have an active Secret Clearance. In addition to the specific clearance requirement, all personnel supporting CBP must have a current background investigation (BI) or obtain a favorable BI before joining the program. Must have comprehensive knowledge of Information Security issues to include: Cloud technologyInternet serversWeb-enabled database applicationData integrityIntrusion detectionFirewalls managementForensic and legal information securityVirtual private networksPublic key/infrastructure/digital signatureEncryptionNetwork security architectureDesired Skills: Network
Security background Cloud/AWS
developing security test & certification procedure