Information Security

INFORMATION ASSURANCE ENGINEERLocation: 90% On-site travel to Huntingdon, 10% travel to West London Clearance Level: High - DV 'Developed Vetting' Role Description We require an information assurance engineer for support to our customer projects, Logistics, Civil and National Security Defence and Intelligence groups in the UK. You may need to apply for additional personnel security clearances. We are looking for individuals who join a high-performing team and work confidently to make excellent security happen quietly for our customers with high assurance and no fuss. Simple, effective security that our customers value. The role will support work that produces robust and efficiently managed assurance solutions for our customers sensitiveprogrammes. The role (first deployment) requires a high degree of third-party and customer liaison and will establish then support in ongoing growth including an on-boarding cycle each month. This will bring some diversity in what is required day-to-day and with flexible operating parameters to maintain service in an agile environment, will require good scheduling and scheduling prioritisation skills. Beyond we expect to develop further information assurance opportunities as our customer base and each of the projects we deliver continue to expand, including the use of common tooling that will facilitate the tracking and reporting of assurance actions. We are also developing NIST-compliant risk assessment methodology and tooling that is raising our quality and customer confidence, you will be part of these developments. The role in P-ITSM and likely other projects later will be responsible to the cyber lead for project outcomes and to help with career planning and personal development for junior members of the team. The ideal candidate will support the wider Leidos security capability, beyond Information Assurance, joining a talented and multi-faceted cyber team with a reach across our UK business delivering on our customer commitments and seeking out great opportunities to deliver great security by design. Candidate Essentials British - Non-dual nationalmany of our projects have nationality restrictions DV clearedCandidates should be willing to undergo SPC. Experience in delivering accredited security solutions in sensitive government scenarios Essential Process Skills/Experience Experience of the IT systems engineering lifecycle Understanding of the controlling processes for the systems engineering lifecycle (e.g. requirements management, configuration management, testing and assurance) and where cyber assurance fits in to these Understanding of differentlifecycles/methodologies(waterfall, incremental, SAFE, DevOps) Managing ITHC activities through the lifecycle from scoping, coordination and remediation management Solid understanding of Confidentiality, Integrity, Availability and Safety (CIA+S) and practical experience in applying that understanding in management of risk and response to events and changes Experience of process involved in gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating responses to security requirements for a system Experience in maintaining elements of security documentation sets (SyOPS, RMADs, Security Management Plans, ISMS elements, CARBN) Desirable Experience Experience working in both delivery and proposal environments Experience working in MOD AS environments Technology skills/Experience Understanding of principles of network and boundary protection technologies (firewalls, mail gateways, load balancers, antivirus, IPS, IDS, Diodes) Understanding of Protective Monitoring systems (SIEM/SOC) and the principles of their deployment. Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc) Understanding of encryption and protocols and structures in support of deployment, e.g. custodian. Understanding of purpose and effectiveness of penetration tests or IT Health Checks. Communication and Soft Skills Excellent verbal and written communication skills and works well in a team environment; Capable of developing and communicating reports to meet defined objectives for intended audience; A good level of commercial awareness and project disciplinesWhat we do for you: At Leidos we are PASSIONATE about customer success, UNITED as a team and INSPIRED to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance. We provide an employment package that attracts, develops and retains only the best in talent. Our reward scheme includes:Contributory Pension Scheme Private Medical Insurance 33 days Annual Leave (including public and privilege holidays) Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme) Access to Flexi-time benefitsCommitment to Diversity: We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture. We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone. If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs. Who We Are: Leidos UK & EUROPEwe work to make the world safer, healthier, and more efficient through technology, engineering and science. Leidos is a growing company delivering innovative technology and solutions focused on safeguarding critical capabilities and transformation in frontline services, our work in the United Kingdom includes addressing some of the most complex problems in defence, healthcare, government, safety and security, and transportation. What Makes Us Different: Purpose: you can use your passion and abilities at Leidos to keep the people you care about safe. We are at the forefront of machine learning, AI, cyber security and solutions. Using your skills in the technology frontline by helping to build a safer world. You can inspire change. Collaboration: having flexibility to do your job is one of our core benefits, enabling you to become part of our extraordinary team. We have been empowering our people to work flexibly for years. Whether you work from home, the office or on customer sites, we will give you the digital tools and the flexibility to work smarter and align your needs and ours. People: Leidos empowers people from every background to be themselves and gives you the tools to learn new skills by enabling growth whilst developing. We believe that extraordinary people need opportunities to grow, to be inspired and to inspire others. At Leidos, we invest in technical academies, career rotations and a career development plans that enhance your future.TPBN1_UKTJ