Leidos
Description
The Digital Modernization Sector at Leidos currently has an opening for a Cyber Network Engineer to work in our Lorton, VA office. This is an exciting opportunity to use your experience helping the Homeland Enterprise Information Technology Secure Services & Support (HEITS) Program contracted mission. In this mission we support the Department of Homeland Security to deliver cybersecurity and information assurance services.
Primary Responsibilities
The Network Engineer (with a strong security background) is responsible for designing, implementing, and maintaining secure, highly available network infrastructure in support of the Department of Homeland Security. This role blends traditional network engineering (routing, switching, wireless, WAN) with hands‑on security responsibilities, including firewall management, VPN design, network segmentation, and support for vulnerability management and compliance activities.
Implement and maintain secure network architectures (e.g., segmentation, zoning, DMZs, zero‑trust‑aligned designs) in accordance with organizational policies and industry best practices.
Support vulnerability management efforts by assisting with scans, reviewing network‑related findings, and implementing remediation (e.g., ACL changes, firewall rule updates, network device patching).
Monitor network performance, availability, and security using enterprise monitoring tools; identify and resolve issues proactively.
Create and maintain network documentation, including diagrams, IP address management, configuration baselines, and SOPs.
Collaborate with cybersecurity, systems, and application teams to ensure network designs support security, performance, and scalability requirements.
Participate in incident response activities involving network components (e.g., traffic captures, log analysis, isolation/containment actions).
Assist with audits and compliance activities by providing network configurations, evidence, and technical explanations as needed.
Maintain all Body of Evidence (BOE) documentation for which the Contractor is the prime author for the duration of the contract. The Contractor shall update the documentation to correspond with product updates released in response to software updates and patches. The Contractor shall document all changes to the security posture of the system and provide those documents to the government for review and approval.
Basic Qualifications
Bachelor’s degree in Information Technology, Computer Science, Engineering, or related field and 8+ years of experience; or additional equivalent combination of education and experience may be considered in lieu of a degree.
US Citizen, An active TS/SCI security clearance is required.
5–8+ years of hands‑on experience as a Network Engineer (or similar role) supporting enterprise networks.
Strong experience with Cisco routing and switching (e.g., BGP, OSPF, EIGRP, VLANs, STP, EtherChannel, QoS) in medium‑to‑large enterprise environments.
Demonstrated experience managing Palo Alto next‑generation firewalls (including security policies, NAT, VPNs, and Panorama) and Cisco firewall/VPN solutions (e.g., ASA, Firepower).
Solid understanding of network security concepts: segmentation, least privilege, zero trust principles, IDS/IPS, NAC, and secure remote access.
Familiarity with vulnerability management tools and processes, and the ability to interpret and act on scan results related to network devices.
Experience with network monitoring and logging tools (e.g., SolarWinds, Splunk, ELK, or similar).
Strong troubleshooting skills across OSI layers 1–7, including packet capture and analysis (e.g., Wireshark).
Excellent written and verbal communication skills, with the ability to document and explain complex technical topics to both technical and non‑technical stakeholders.
Preferred Qualifications
Current industry certifications such as Cisco CCNA/CCNP, Palo Alto PCNSA/PCNSE, Network+, Security+, CySA+, CISSP, or equivalent.
Experience working in regulated or compliance‑driven environments (e.g., FISMA, FedRAMP, NIST 800-53, HIPAA, PCI‑DSS, etc.).
Experience supporting hybrid or cloud environments (e.g., AWS, Azure, GCP) including cloud networking and security services (VPCs, security groups, transit gateways, etc.).
Experience with automation and scripting for network tasks (e.g., Python, Ansible, PowerShell).
Experience with Zero Trust architecture and modern identity‑centric security models.
Pay Range: $107,900.00 - $195,050.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Commitment to Non‑Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
#J-18808-Ljbffr
The Digital Modernization Sector at Leidos currently has an opening for a Cyber Network Engineer to work in our Lorton, VA office. This is an exciting opportunity to use your experience helping the Homeland Enterprise Information Technology Secure Services & Support (HEITS) Program contracted mission. In this mission we support the Department of Homeland Security to deliver cybersecurity and information assurance services.
Primary Responsibilities
The Network Engineer (with a strong security background) is responsible for designing, implementing, and maintaining secure, highly available network infrastructure in support of the Department of Homeland Security. This role blends traditional network engineering (routing, switching, wireless, WAN) with hands‑on security responsibilities, including firewall management, VPN design, network segmentation, and support for vulnerability management and compliance activities.
Implement and maintain secure network architectures (e.g., segmentation, zoning, DMZs, zero‑trust‑aligned designs) in accordance with organizational policies and industry best practices.
Support vulnerability management efforts by assisting with scans, reviewing network‑related findings, and implementing remediation (e.g., ACL changes, firewall rule updates, network device patching).
Monitor network performance, availability, and security using enterprise monitoring tools; identify and resolve issues proactively.
Create and maintain network documentation, including diagrams, IP address management, configuration baselines, and SOPs.
Collaborate with cybersecurity, systems, and application teams to ensure network designs support security, performance, and scalability requirements.
Participate in incident response activities involving network components (e.g., traffic captures, log analysis, isolation/containment actions).
Assist with audits and compliance activities by providing network configurations, evidence, and technical explanations as needed.
Maintain all Body of Evidence (BOE) documentation for which the Contractor is the prime author for the duration of the contract. The Contractor shall update the documentation to correspond with product updates released in response to software updates and patches. The Contractor shall document all changes to the security posture of the system and provide those documents to the government for review and approval.
Basic Qualifications
Bachelor’s degree in Information Technology, Computer Science, Engineering, or related field and 8+ years of experience; or additional equivalent combination of education and experience may be considered in lieu of a degree.
US Citizen, An active TS/SCI security clearance is required.
5–8+ years of hands‑on experience as a Network Engineer (or similar role) supporting enterprise networks.
Strong experience with Cisco routing and switching (e.g., BGP, OSPF, EIGRP, VLANs, STP, EtherChannel, QoS) in medium‑to‑large enterprise environments.
Demonstrated experience managing Palo Alto next‑generation firewalls (including security policies, NAT, VPNs, and Panorama) and Cisco firewall/VPN solutions (e.g., ASA, Firepower).
Solid understanding of network security concepts: segmentation, least privilege, zero trust principles, IDS/IPS, NAC, and secure remote access.
Familiarity with vulnerability management tools and processes, and the ability to interpret and act on scan results related to network devices.
Experience with network monitoring and logging tools (e.g., SolarWinds, Splunk, ELK, or similar).
Strong troubleshooting skills across OSI layers 1–7, including packet capture and analysis (e.g., Wireshark).
Excellent written and verbal communication skills, with the ability to document and explain complex technical topics to both technical and non‑technical stakeholders.
Preferred Qualifications
Current industry certifications such as Cisco CCNA/CCNP, Palo Alto PCNSA/PCNSE, Network+, Security+, CySA+, CISSP, or equivalent.
Experience working in regulated or compliance‑driven environments (e.g., FISMA, FedRAMP, NIST 800-53, HIPAA, PCI‑DSS, etc.).
Experience supporting hybrid or cloud environments (e.g., AWS, Azure, GCP) including cloud networking and security services (VPCs, security groups, transit gateways, etc.).
Experience with automation and scripting for network tasks (e.g., Python, Ansible, PowerShell).
Experience with Zero Trust architecture and modern identity‑centric security models.
Pay Range: $107,900.00 - $195,050.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Commitment to Non‑Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
#J-18808-Ljbffr