Leidos is seeking a Cyber Security Engineer to join a dedicated team responsible for ensuring customer sites maintain a robust cyber security posture. You will provide cybersecurity engineering services for classified and unclassified networks, delivering operational and engineering support.
What You'll Do
- Develop creative solutions to complex technical issues and problems.
- Work with engineering teams to ensure systems meet required security posture against baseline requirements.
- Collaborate with the Security Monitoring engineering team to ensure logs are forwarded to the SIEM capability.
- Work with the customer and appropriate agencies to develop new policies, design processes and procedures, and develop technical designs.
- Assess system vulnerabilities, implement risk mitigation strategies, validate secure systems, and test security products and systems to detect security weakness.
- Maintain and support security enforcing functions.
What We're Looking For
- Security Clearance Required - DV ('Developed Vetting').
- Experience working in MOD or Home Office project environments.
- Strong knowledge of network and system security, including firewalls, IDS/IPS, micro-segmentation, and host security.
- Hands on experience with security products Trellix, Ivanti, ClearSwift, Yubikey.
- Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25).
- Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication.
- Incident detection and response in MOD environments.
- Knowledge of security compliance and regulatory frameworks (e.g., NIST, CIS Benchmarks).
- Experience working with Kubernetes at an administrative level.
- Strong leadership and mentoring abilities.
- Effective communication with development, operations, and security teams.
- Ability to advocate for security best practices in a DevOps culture.
Nice to Have
- Expertise in Kubernetes security (e.g., RBAC, network policies, pod security standards, secrets management).
- Knowledge of container runtime security (e.g., container escapes, rootless containers, sandboxing).
- Image security best practices, including scanning, signing, and provenance verification.
- Secure deployment patterns using Tanzu & Kubernetes.
- Runtime security monitoring.
- Secure CI/CD pipeline design with security testing using like Git and SonarQube.
- Implementation of Infrastructure as Code (IaC) security (e.g., Terraform, Ansible).
- Secrets management in CI/CD pipelines using Vault or Kubernetes Secrets.
- Security automation and policy enforcement using tools like GitHub Actions, GitLab CI and Jenkins.
- Strong knowledge of cloud security principles in a containerised environment.
- Kubernetes security posture management (KSPM) using tools like Trivy.
- Secure ingress/egress controls, service mesh security (e.g., Istio).
- Encryption strategies for data at rest, in transit, and in use.
- Network security best practices for Tanzu container networking (e.g., NSX, Rancher).
- Compliance monitoring and security auditing for cloud-native environments.
- Scripting skills in Python, PowerShell for security automation.
- API security knowledge (e.g., OAuth, JWT, API gateways, rate limiting).
- Experience with Security as Code for automated policy enforcement.
Technical Stack
- Security Products: Trellix, Ivanti, ClearSwift, Yubikey
- Container & Orchestration: Kubernetes, Tanzu
- DevSecOps Tools: Git, SonarQube, Terraform, Ansible, Vault, GitHub Actions, GitLab CI, Jenkins, Trivy
- Network Security: Istio, NSX, Rancher
- Scripting Languages: Python, PowerShell
Team & Environment
You will be working within a team of engineers, collaborating closely to deliver security engineering services.
Benefits & Compensation
- Compensation: £47,600.00-£61,000.00
- Contributory Pension Scheme
- Private Medical Insurance
- 33 days Annual Leave (including public and privilege holidays)
- Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme)
- Flexi-Time
Work Mode
This is a hybrid position based in Huntingdon, UK.
We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture. We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone. If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs.
