Leidos
Information Systems Security Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Leidos
Leidos Holdings, Inc. is an American company based in Reston, Virginia, specializing in defense, aviation, information technology, and biomedical research. With annual revenues of $16.7 billion as of 2024, Leidos is recognized as a leader in the Fortune 500, serving sectors such as defense, intelligence, civil, and health. Founded in 1969 as Science Applications Incorporated (SAI), Leidos has evolved significantly over the decades. The company became known for its work on major U.S. government projects and was rebranded as Leidos in 2013 after a split from its parent company. Leidos operates through four main divisions: Civil, Health, Advanced Solutions, and Defense & Intelligence. It offers a range of services, including scientific and engineering services, systems integration, national security solutions, and healthcare IT, notably the MHS GENESIS electronic health record system. The company has achieved significant milestones, including contributions to the America's Cup and the deployment of healthcare systems for the Department of Defense.
Security at Leidos
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Leidos' Application Security philosophy is centered on the principle that 'cyber must be designed into systems from the outset rather than layered on after deployment.' They view cybersecurity as an 'enabler for organizations' during digital modernization.
- Their risk philosophy combines 'threat insight, applied AI, and real-world operator experience' to anticipate adversarial activity, with specific goals to 'reduce the attack surface' and address 'accumulated technical debt.'
Security Team
The AppSec function is part of the Defensive Cyber group, with Josh Salmanson (VP, Defensive Cyber) serving as a key public-facing leader. The team is integrated into the CIS Group, which provides the 'first line of defense' for proprietary data. Job postings indicate a need for expertise in 'secure software development principles' and 'DevOps concepts.' Exact team size and reporting lines are not publicly available.
Key Initiatives
Leidos practices 'Shift Left' by requiring candidates to apply 'secure software development principles' during the development phase. Their vulnerability management process includes 'enterprise vulnerability management' and 'penetration testing.' Recent initiatives emphasize 'AI-driven threat detection and response.' There is no public evidence of a formal Security Champions program or specific remediation SLAs.