Leidos is searching to add support to our customer in a wide range of systems engineering, administration, and Cyber security & regulatory compliance services necessary to maintain and secure OPR information technology networks used in the detection and investigations of cybercrimes and CBP policy violations.
Serve as an Information Systems Security Officer (ISSO) providing cyber security oversight for several major OPR applications and general support systems as assigned by the Government Information Systems Security Manager. The ISSO must be an acknowledged expert concerning current Federal, National, DHS and CBP standards, policies, requirements and procedures and shall provide technical security expertise in planning, coordinating, preparing and authoring security authorization documentation necessary to ensure OPR meets all Federal Information Systems Modernization Act (FISMA) regulatory requirements and DHS 4300-A Sensitive Systems Policy and CBP 1400-05D Information Security Policy. The role shall support the Government Information Systems Security Manager by performing the following duties:
- Develop, draft, review and endorse all information systems security plans and other security authorization artifacts and documents such as:
- Standards for Security Categorization of Federal Information and Information Systems (FIPS 199) Assessment
- E-Authentication Determination
- Privacy Threshold Determination
- Privacy Impact Assessment (PIA)
- Risk Assessment Plans
- System Security Plans
- Controls Testing (Security Test and Evaluation (ST&E)) Plans
- Configuration/Change Management Plans
- Contingency Plans
- Contingency Plan Test and Test Results
- Section 508 of the Rehabilitation Act plans
- Plans of Actions & Milestones (POA&Ms)
- Policy waiver and risk acceptance requests
- Ensure that assigned systems are operated, maintained, and disposed of in accordance with applicable policies and procedures NIST SP 800-37, Rev 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy, DHS 4300A Policy and Handbook, CBP Information Systems Security Policies and Procedures Handbook (HB 1400-05), and internal CBP (i.e., Office of Information Technology, Security Operations Division, etc.) security policies and practices
- Develop, review, maintain, and provide system security documentation for assigned systems, including System Security Plans, Interconnection Security Agreements, Contingency Plans, Plans of Action and Milestones, (POA&M), Waivers, and Exceptions through the DHS FISMA system management tool in use to implement and manage the NIST Risk Management Framework.
- Complete all activities required by the DHS Ongoing Authorization (OA) Program to transition assigned systems into the DHS OA Program and perform all required actions to maintain system authorization under OA once the system is admitted to the Program
- Assist the Government with the reporting and management of system level security violations and incidents.
- Assist the Government with the technical security evaluation of threats and vulnerabilities involving new/enhanced technology.
- Assist the Government with providing oversight to vulnerability scanning processes and procedures and security patch management/flaw remediation processes and procedures.
- Assist with development of cyber security SOPs, playbooks, work instructions, and other procedures and processes to mature cyber security capabilities.
- A minimum of a Bachelor’s degree coupled with 8 - 12 years’ experience in the Information Technology arena or Master's Degree with 6+ years of relevant experience.
- Minimum of 5 years of experience as an ISSO supporting major federal information systems/applications
- Bachelor Degree in Computer Science, IT, Information/Cyber Security field from an accredited college or university
- Knowledge with auditing security controls and financial processes
- Superior writing, communication and critical analysis skills
- Deep understanding of Information Assurance, Information Technology and Information Management concepts, processes and procedures
- Working knowledge of the following policies: NIST SP 800-37, Rev 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy, DHS 4300A Policy and Handbook, CBP Information Systems Security Policies and Procedures Handbook (HB 1400-05),
- ISC2 Certified Authorization Professional (CAP) or ISC2 Certified Cloud Security Professional (CCSP) certification or CompTIA Certified Advanced Security Practitioner (CASP+)
- Prior experience with CBP/DHS
Clearance: All CBP SOC employees are required to successfully complete a CBP Background Investigation to support this program
First 90 days are onsite then a telework schedule would be coordinated.
Pay Range:Pay Range $101,400.00 - $183,300.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Original Posting Date:12/11/2023
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health. The company's 47,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $14.4 billion for the fiscal year ended December 30, 2023. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.