Odenton MD US 21113
Description
Leidos is seeking an experienced Information System Security Officer to provide ISSM support for a vigorous Transport Network program with Defense Information Security Agency (DISA) in Fort Meade, MD.
This is an onsite position, telework allowed as mission dictates.
The Information Systems Security Officer (ISSO) will provide Information Assurance support for a mission critical IP Messaging and Communications Transport Network, including discovery, SSP preparation, C&A, security sustainment, and system decommissioning. This position requires U.S. citizenship and an active Top-Secret clearance with SCI Eligibility.
Primary Responsibilities:
As assigned, incumbent is responsible for assisting to develop policies and procedures to ensure information systems reliability and accessibility, and to prevent and defend against unauthorized access to systems, networks, and data.
Conducts risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
Promotes awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals.
Conduct systems security audits and reviews.
Assist the ISSM in developing systems security contingency plans and disaster recovery procedures.
Develop and implement programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
Participate in network and systems design to ensure implementation of appropriate systems security policies.
Facilitate the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes; assessing security events to determine impact and implementing corrective actions; and/or ensuring the rigorous application of information security/information assurance policies, principles, and practices in the delivery of all IT services.
Perform Security Technical Implementation Guide (STIG) reviews, self-assessments, and participate in Assessment & Authorization (A&A) testing to ensure our systems stay secure and compliant.
Analyze system IAVM logs and conduct vulnerability assessments and implement mitigation strategies to protect against potential risks.
Use expertise to apply a comprehensive range of cybersecurity policies, principles, and techniques to maintain the integrity of systems processing classified information.
Perform risk analysis for system changes, contribute to the Risk Management Framework process, and recommend security solutions to address any identified gaps.
Partner with government customers to support Continuous Monitoring activities, manage security incidents, and ensure timely vulnerability remediation.
Ensure all system documentation is up to date in government record-keeping systems.
Assist in managing changes to security-relevant software, hardware, and firmware to maintain system security.
Validate security policies and procedures outlined in the System Security Plan (SSP), customer policies & regulations, and ensure local policies are followed.
Initiate the authorization or re-authorization efforts and process for new or expiring systems and assist lead in required meetings.
Perform security audits IAW established procedures.
Author and review IS security-related documentation and submit to Enterprise Mission Assurance Support Service (eMASS).
Help ensure system security requirements are addressed during all phases of the System Development Life Cycle (SDLC).
Take corrective action to resolve identified vulnerabilities.
Knowledgeable on ATO requirements and processes.
Ability to facilitate Cyber Assessments at different sites as required.
Provide security engineering review of proposed changes or additions to the IS (including hardware, software, or connectivity), and advise the Information System Security Manager (ISSM) of the security relevance.
Assists in the design, development, implementation and/or integration of IA and security systems and system components including those for networking, computing and enclave environment to include those with multiple enclaves and with differing data protection/classification requirements.
Work closely with the Information Systems Security Manager (ISSM) to drive information assurance initiatives, including security authorization activities, compliance with Risk Management Framework (RMF) policies, and the development of System Security Documents and Plans.
Basic Qualifications:
This position requires a BS in Information Systems, or related Cyber field as required. MS preferred and at least 8 years of prior relevant experience. Specific experience, education and training may be considered in lieu of degree.
Experience with eMASS
CISSP or CASP certification required.
DoD 8140 Compliant, IAT Level II or higher required at start.
Knowledge of NIST SP 800-37, CNSSI 1253, FIPS 199 and NIST SP 800-53.
Knowledgeable in RMF accreditation processes.
Ability to create metrics, documentation, presentations, and procedures and communicate results effectively.
Experience in auditing security controls
Knowledge of Continuous Monitoring
Experience in scanning and interpreting scan results.
Knowledgeable in STIGs and SRGs
Knowledge of Common Control Processes
Project Management and Technical Writing Skills
Should have hands on experience implementing security and/or network components, i.e. routers, firewalls, IPS, IDS, etc.
Customer service skills both verbally and written
Confidence and ability to present briefing to senior level DoD officials in both prepared briefings and/or in ad hoc discussions.
US Citizenship with an Active DoD clearance at the Top-Secret level with SCI eligibility
GSMO
Original Posting Date:
2024-11-14
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $101,400.00 - $183,300.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Leidos / Equal Opportunity Employer
R-00148306 JBLDJ 2024-11-15 04:40:43 UTC