Information Assurance Security Engineer in Ham

Location: Farnborough or Whiteley, with flexibility to work from home dependent on business demands.

Overview: Leidos is seeking a Cyber Security and Information Assurance Engineer to support a key national security programme. The role is responsible for implementing, monitoring, and maintaining security measures across complex systems, providing subject matter expertise within the Information Security Management (ISM) function, and ensuring risks to Confidentiality, Integrity, and Availability are effectively managed.

Responsibilities:

• Deliver day‐to‑day IT security objectives and lead assigned projects or assurance activities.
• Integrate cyber assurance into multiple delivery methodologies (Agile, Waterfall, SAFe, Incremental, DevOps).
• Act as a point of contact for client security teams on assurance matters.
• Conduct vulnerability assessments, ITHCs, incident response activities, and evaluate responses to system security requirements.
• Support accreditation and continuous assurance using recognised risk frameworks (ISO, NIST) and structured analysis methods.
• Maintain and develop ISMS documentation and security artefacts (SyOPS, RMADS, Security Management Plans).
• Contribute to the analysis of system security weaknesses and communicate findings to programme leads and engineering teams.
• Understand security monitoring tools, logs, alerts, and protective monitoring systems (e.g., SIEM/SOC).
• Maintain the Information Security Risk Register and coordinate monthly vulnerability management activities, ensuring remediation is tracked, reported, and aligned with the Security POAP.
• Support delivery of contracted service levels and participate in security governance forums such as Security Working Groups.
• Assist with security policy development, cryptographic assurance, audit support, and compliance with regulatory and client standards.

Qualifications:

• Proven cybersecurity or information assurance experience.
• Proficiency with common security tools (firewalls, IDS/IPS, antivirus, SIEM).
• Familiarity with frameworks such as NIST, CIS, OWASP, ISO 27001.
• Strong understanding of cybersecurity principles, CIA, risk management, and incident response.
• Experience across the systems engineering lifecycle and its supporting processes.
• Hands‑on experience with ITHC management, vulnerability assessment, and security assurance.
• Familiarity with accreditation processes for secure/sensitive systems.
• Experience maintaining security documentation sets (SyOPS, RMADS, ISMS elements).

Practical Understanding Of:

• Network and boundary protection technologies (firewalls, gateways, IDS/IPS, diodes).
• Protective monitoring systems (SIEM/SOC).
• Authentication and authorisation (PKI, LDAP, SAML).
• Encryption principles and secure communications.

Communication And Professional Skills:

• Strong written and verbal communication skills, able to work with both technical and non‑technical stakeholders.
• Ability to produce clear assurance reports and documentation for varied audiences.
• Good commercial awareness and adherence to project and service disciplines.
• Effective collaboration across engineering, delivery, and client teams.

Benefits:

• Contributory Pension Scheme
• Private Medical Insurance
• 33 days Annual Leave (including public and privilege holidays)
• Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme)
• Flexi‑Time Working

Commitment to Non‑Discrimination: All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.