Description
This Information Systems Security Engineering opportunity will allow you to lead the integration of cyber security architecture & engineering efforts across multiple security domains. As the cyber security subject matter expert (SME), you will influence information system design, development, and integration of hardware & software solutions. Working with other team members, the ISSE utilizes the Risk Management Framework (RMF) and System Development Life Cycle (SDLC) to ensure all aspects of cyber security are incorporated into the system design and implementation.
Primary Responsibilities
• Support program managers as the Subject Matter Expert (SME) in Information Assurance & Cybersecurity
• Establish policies & procedures that implement the System Development Life Cycle (SDLC) and Risk Management Framework (RMF) best practices
• Serve as the primary liaison with the customer’s cyber security representative for all cyber security / information assurance tasks
• Lead efforts to establish connectivity to government enclaves (SIPRNet, JWICS, standalone, Special Access Required (SAR)-level networks, etc.)
• Lead all aspects of the Risk Management Framework (RMF) process through Authority to Operate and Continuous Monitoring
• Manage the establishment of contractor-owned information systems that are approved for classified processing (all aspects to obtain Authority to Operate (ATO))
• Work with physical security staff to ensure facility authorizations are in compliance with classified processing requirements
• Assist in the implementation and configuration of security controls, technologies, and infrastructure components
• Prepare and review security documentation such as System Security Plans (SSPs) and Security Assessment Reports (SARs)
• Perform security testing and evaluation activities such as vulnerability assessments, penetration testing, and security control assessments
• Conduct assessments to ensure compliance with established policies and guidelines
• Contribute to the design of information systems to ensure their compliance with security protocols
• Collaborate with Information System Security Manager (ISSM), Security, Program Management, and the Government Customer(s) on all the above
Basic Qualifications
• Solid understanding of the Risk Management Framework (RMF) and the System Development Life Cycle (SDLC)
• Detailed knowledge of the assessment & authorization (A&A) process
• Experience with ICD-705
• Experience with 32 CFR part 117 (NISPOM)
• Understanding of hardware and software engineering best practices
• Current DoDM 8570 IAT III Certification is required
• Must have an active TS/SCI
• Bachelor's degree in a relevant discipline (e.g. Computer Science, Information Assurance, Information Security System Engineering) and 8-12 years of relevant experience
Preferred Qualifications
• CISSP-ISSEP Certification
• Certified Cloud Security Professional (CCSP) or equivalent cloud computing certification
• Previous experience working on Special Access Programs (SAPs)
Pay Range:
$97,500.00 - $150,000.00 - $202,500.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
About Leidos
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 46,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $14.4 billion for the fiscal year ended December 30, 2022. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.