Cybersecurity Compliance Program SME

Description

LEIDOS has an excellent opportunity for an experienced Cybersecurity Compliance Analyst.  This position is in support of a Department of Defense (DoD) organization, US EUCOM located OCONUS in Stuttgart, Germany.  This position is required to stay OCONUS. 

More About the Role:

Were looking for a motivated candidate to present products and ideas in a business-like manner.  The candidate will be required to work in a dynamic fast paced environment that requires team interaction and coordination of efforts.  The candidate must be experienced in interfacing with both client managers and system users.

• Conducts cybersecurity program/system security status assessments and supports the development of Cybersecurity program(s) including the development of policies and procedures in accordance with DoDI 8500.01 Risk Management Framework.
• Tracks organizational cybersecurity compliance, ensures necessary remediation needs are communicated, tracks remediation through completion and ensures necessary cybersecurity documentation is accurate and in order.
• Responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by information systems to determine the overall effectiveness of the controls.
• Prepares for, assists with, and monitors cyber assessments (staff assistance visits [SAV], Command Cyber Operations Readiness Inspections [CCORI], NSA Red and Blue Team assessments, vulnerability scans, assessment and authorization [A&A] reviews). 
• Develops technical standards (SOP\TTPs, technical implementation instructions, or other required documentation) for security focused processes, security operations and other operations as required for Government approval.
• Works closely with defensive cybersecurity operation (DCO) teams to identify, monitor and respond to cyber events\incidents from discovery to closure as a part of the local incident response policies. 
• Interacts with customers, IT staff, and high-level military officials to assist in defining and achieving required cybersecurity objectives for the organization.
• Conduct Risk Assessments, determine the risk to operations, and provide risk recommendations to the customer after reviewing a system’s overall risk posture as part of the Security Authorization (Authority to Operate\Connect) process.
• Through basic understanding of network security fundamentals, LAN\WAN switching technologies, routing technologies, infrastructure security technologies and services, reviews network architecture diagrams for cybersecurity compliance.
• Responsible for assessing and authorizing the use of software and hardware across multiple enterprise networks.

Must have experience implementing with the following policies:

• DODI 8510.01 Risk Management Framework (RMF) for DoD Information Technology
• CJCSI 6510.01F Assurance (IA) and Computer Network Defense (CND)
• CNSSI 1253 Security Categorization and Control Selection for National Security Systems
• CJCSM 6510.01B Cyber Incident Handling Program
• DODD 8140.01 Cyberspace Workforce Management
• CJCSI 6211.02D Defense Information Systems Network (DISN): Policy and Responsibilities
• JFHQ-DODIN TASKORDS, OPORDS, WARNORDS and GENADMINS

You’ll Bring These Qualifications:

• At least 3 years of supervisory and technical management experience in Cybersecurity
• Currently hold an adjudicated Secret Clearance and qualify for a TS/SCI clearance
• BA/BS + 8 years recent specialized or AA/AS +10 years recent specialized or a major cert + 12 years recent specialized or 14 years of recent specialized experience
• DoD 8570 IAM III and IAT II Baseline Certification
• Knowledge of DoD IT RMF, USCYBERCOM, and JFHQ-DoDIN
• Advanced Proficiency in Microsoft Office Suite products (Word, Excel, PowerPoint)

These Qualifications Would be Nice to Have:

• Microsoft Azure Certification (Server Administration)
• Cisco Certified Network / CyberOps Associate
• RedHat Certification Associate
• Proficiency with Microsoft SCCM and/or other automatic reporting tools
• Proficiency with PowerBI
• Experience with ElasticSearch and Splunk
• Adaptable to changing circumstances and operational needs
• Understanding of Department of Defense Military standards
• Experience with DoD IT security requirements
• Experience managing asset accuracy to Critical Success Factors (CSF)
• DoD 8570.01 Certification Compliance (CISSP, ISSEP, CISM)

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 45,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $14.4 billion for the fiscal year ended December 30, 2022.  For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.