Leidos is an innovation company rapidly addressing the world’s most vexing challenges in national security and health.
Senior Network Security Engineer
Location
United States
Posted
2 days ago
Salary
$92.3K - $166.9K / year
Seniority
Senior
Job Description
Senior Network Security Engineer
Leidos
• Operate and maintain secure network solutions operated as a centralized enterprise capability for the United States Army • Partner with key stakeholders and technical experts to perform legacy environment discovery, assessing current capabilities, configurations, and requirements to provide network firewall migration support for the Army global network • Analyze and understand complex firewall security zones and policies with the ability to transform policies between multiple vendor firewall devices while meeting mission requirements • Support secure access solutions leveraging zero trust network access (ZTNA) including support for creation of new access policies and maintenance of existing policies • Integrate capacity planning and scaling of network and security stack environments into the overall operational support processes and staff • Collect, investigate, and identify network resource management strategies and techniques to meet capacity and performance requirements • Work with information assurance teams and the AGUN cybersecurity service provider (CSSP) to ensure compliance to DoD standards to assist with maintenance of the network security posture • Document designs, diagrams, drawings, and technical narratives using wiki technologies and common diagram and drawing tools
Job Requirements
- Must currently possess and be able to maintain an active DoD SECRET security clearance
- Minimum of a Bachelor’s degree with 10+ years' experience or Master's degree with 10+ years of experience (additional years of directly applicable experience may be accepted in lieu of a degree)
- Require active DoD IAT Level II (i.e. Security+) certification or equivalent prior to start
- Must obtain and maintain an approved Computing Environment (CE) certification applicable to the supported technology environment within six (6) months of hire
- Expert understanding of networking and virtualization of firewalls including VSYS in a multi-tenant environment
- Demonstrated experience with networking concepts such as LAN, WAN, BGP, TCP/UDP, IPSec, VPN, Routing(L2/L3), and firewalls in a virtualized environment
- Demonstrate experience in one or more of the following enterprise network management tools such as Palo Alto Panorama, Cisco Prime, Cisco DNA, or Junos Space
- Demonstrate experience in system hardening of network infrastructure to include DoD STIG implementation
- Must have experience in working with two or more of the following vender network technologies: Cisco, Juniper, Palo Alto, Dell, RAVPN, Global Protect, or AppGate
- Experience with the following protocols: SFTP, SSH, SCP, MPLS, SNMP, NTP
- Must be able to work as part of a team to execute troubleshooting and resolve complex network security issues
- Must have excellent written and verbal communication skills
- Must be willing to work non-standard shifts to accomplish network migration objectives and goals
- Must be able to interface with customers
- Must be willing to travel up to 10% of the time
Benefits
- Health and Wellness programs
- Income Protection
- Paid Leave
- Retirement
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Collaborate with experienced security professionals to design, build, and maintain secure CI/CD pipelines using GitHub Actions and workflow automation • Enhance pipeline reliability, performance, scalability, and developer experience through automation and optimization. • Embed security controls including SAST, DAST, dependency scanning, and container security into the software delivery lifecycle. • Support the integration of AI-enabled automation tools for code analysis, vulnerability prioritization, workflow optimization, and security operations. • Ensure governance, risk, and compliance consistency through adherence to Cisco security policies and regulatory requirements. • Monitor pipeline health, security posture, and operational effectiveness while identifying opportunities for continuous improvement. • Collaborate with software engineering and platform teams as a technical resource supporting secure software development initiatives.
• Define, own, and continuously evolve the enterprise identity and access management strategy, roadmap, and target architecture • Develop and maintain a prioritized backlog of identity initiatives, balancing risk reduction, and user experience • Present roadmap progress, risks, and recommendations to leadership and the CISO • Lead and participate in the design, configuration, and deployment of identity solutions using Okta and Microsoft Entra ID (Azure AD) • Drive the implementation and optimization of IGA capabilities including access certifications, role management, and joiner/mover/leaver processes • Oversee PAM tooling and processes, including privileged account provisioning, session management, and just-in-time access controls • Define and enforce identity standards, policies, and patterns for adoption across engineering and operations teams • Serve as the primary point of contact for identity platform vendors, managing contracts, escalations, and roadmap alignment • Build strong working relationships with clinical leads, IT operations, data governance, and HR to ensure identity controls support workforce needs • Communicate complex identity concepts in accessible terms to non-technical stakeholders across the organization
AI Security Consultant
NCC GroupA global team at the heart of cyber innovation, together we create a more secure digital future
• Identify and mitigate risks in AI models, applications and data pipelines • Design and implement security protocols for AI/ML systems and infrastructure, models and data pipelines • Review applications and services using AI against both generic and AI specific threats • Conduct threat modeling and risk assessments • Monitor systems for anomalous behaviors • Assess and secure endpoints and APIs for model access and inference • Collaborate with stakeholders, engineers, data scientists and IT to integrate security into systems and infrastructure • Deliver client reports on AI security protocols and policies, and document best practices • Develop and implement AI security training for internal and external stakeholders
• Plan and execute end-to-end hardware penetration tests on embedded and IoT devices, against a defined scope and rules of engagement • Identify, access, and exploit on-board debug interfaces: JTAG, SWD, UART, and similar, to gain code execution or memory access • Extract firmware via debug ports, in-circuit flash reads (SPI / I2C / NAND), or chip-off when required, and analyze it for vulnerabilities • Intercept and analyze data on common embedded buses (SPI, I2C, UART, CAN, USB) using logic analyzers and protocol decoders • Where in scope, perform side-channel analysis and fault injection (power analysis, voltage/clock glitching) to bypass secure boot, readout protection, or authentication • Reverse engineer firmware and embedded binaries (Ghidra, IDA, Binwalk, etc.) to find logic flaws, hardcoded secrets, and exploitable conditions • Assess physical attack surface, tamper resistance, and key/secret storage • Distinguish between theoretical and operationally relevant risk to keep findings actionable • Write high-quality technical reports and present findings to client stakeholders, both technical and non-technical • Advise on practical, prioritized remediation that clients can act on • Build client confidence through credibility, clear communication, and proven impact • Build and maintain lab tooling, test rigs, and internal methodology • Contribute to research, responsible disclosure, and internal knowledge-sharing • Stay current on hardware attack techniques, embedded architectures, and defensive controls
