Leidos
GovernmentFull TimeActively Hiring

Security Specialist

LeidosยทArlington, VA
Apply Now

Location

Arlington, VA

Job Type

Full Time

Category

Government

About This Role

The Role

Leidos needs a Senior DRM Specialist for the USSOCOM Zero Trust program in Arlington, VA. This isn't about file labels. Your job is to make data mathematically self defending, no matter where it goes. You'll own encryption policy across Kiteworks on SIPR and Top Secret networks and Microsoft Purview Information Protection on NIPR. The mission is to move beyond simple file encryption into a granular, identity aware protection model that brokers access in real time based on trust attributes like clearance, role, and risk level.

What You'll Actually Do

  • Architect and configure Kiteworks Private Content Network (SIPR/Top Secret) and Microsoft Purview (NIPR) as central Policy Decision Points (PDP) for file access.
  • Translate NIST 8112 metadata attributes into concrete DRM policies ; e.g., "Allow View ONLY if User.Clearance >= TopSecret AND Device.State = Compliant."
  • Manage the lifecycle of encryption keys using Bring Your Own Key (BYOK) and Customer Managed Keys; keep everything FIPS 140 2/3 compliant across hybrid and air gapped environments.
  • Configure advanced DRM features like SafeVIEW and SafeEDIT in Kiteworks so users can view and edit sensitive documents in a secure, containerized stream without data leaving the controlled repository.
  • Define Rights Management controls that prevent Copy/Paste, Screen Capture, and Printing on documents tagged with sensitivity labels like CUI or Secret/NoForn.

What You Need to Bring

  • Clearance: Active Top Secret with SCI eligibility (TS/SCI). No exceptions here.
  • Education: Master of Science in Cybersecurity, Computer Science, Mathematics with a Cryptography focus, or a related technical field.
  • Experience: 10+ years of related technical experience total; at least 5 years designing and administering Enterprise DRM or Information Rights Management systems specifically using Kiteworks, Microsoft Azure Information Protection (AIP/RMS), or Virtru.
  • Crypto chops: Deep understanding of AES 256, RSA, Public Key Infrastructure (PKI), and Key Management Service (KMS) operations.
  • Policy logic: Proven ability to design complex Attribute Based Access Control (ABAC) logic and Conditional Access policies.
  • Cross domain knowledge: You understand how encryption travels across Cross Domain Solutions (CDS) and the key management challenges inside air gapped networks.
  • Certification required: CompTIA Security+ CE or higher to meet DoD 8570 IAT Level II requirements.

What Helps Your Case

  • A Hardware Security Module background ; Thales or Entrust specifically.
  • Knowledge of NIST SP 800 53 controls tied to System and Information Integrity (SI) and Media Protection (MP).
  • Experience integrating DRM tools with SailPoint for identity attribute consumption.
  • A Kiteworks Administrator Certification under your belt.
  • A Microsoft Information Protection Administrator certification (SC 400).
  • CISSP certification is preferred too.

The Fine Print

Job Location

Arlington, VA