Leidos has an immediate opportunity for an Information Assurance Security Engineer (IASE) / Information Systems Security Engineer (ISSE) in Suitland, MD to provide direct security engineering support to the execution of the customer's Information Assurance (IA) Certification and Accreditation (C&A)/Assessment and Authorization (A&A) mission All work is onsite in Suitland, MD. Candidates must have an an active TS/SCI can be considered for this role.
The IASE/ISSE will be responsible for:
Support of the design, development, integration, testing, implementation, deployment and operations & maintenance (O&M) of tools for the automation of security testing in support of C&A/A&A.
Partnering with colleagues to perform architectural design, integration, installation, configuration, testing, and administration of systems and capabilities to support the scanning, monitoring, and reporting of Information Assurance Vulnerability Alerts (IAVA)/Intelligence Community Vulnerability Alerts (ICVA) for the Naval Intelligence (NAVINTEL) Community.
Integration, installation, configuration, testing, administration of C&A Management tools and capabilities to implement A&A business processes, workflow, ICD-503, NIST 800-53 security controls mappings, and FISMA reporting.
Integrating and testing new features and functions within the A&A Management solution. This includes, but may not be limited to, DoD 8500.2, and NIST 800-53 Security Controls mappings; implementing updates business processes, workflow, and templates; and direct support to Fleet customers.
System administration and O&M support for the A&A Management capability.
Performing security assessments; design reviews; and providing guidance on new technologies for Fleet customers. New technologies may include, but are not limited to, Cloud technologies, Cross Domain Solutions, Hardware, Operating System, Web technologies; and Databases.
Providing Security Engineering, on an as needed basis, to support to the Security Controls Assessors (SCAs) and Validators for A&A and C&A efforts, respectively.
Design, development, integration, testing, documentation, system administration, ISSO responsibilities, and O&M for systems that support hidden/malicious file content analysis and reporting; Reliable Human Review (RHR) workflow functionality, enforcement, and audit; and cross-domain transfers.
Active TS/SCI clearance
Candidate must meet DoD 8570.1M requirements and possess an active CISSP certification.
BS in CS, IT, Cyber Security, Information Assurance or a related field
8+ years of Security Engineering experience with DIACAP, DCID 6/3, ICD-503, and/or NIST Risk Management Framework
Experience in system/software design, development, integration, testing, system administration, O&M.
Experience implementing and executing software and security engineering practices in the SDLC process.
Experience with DoD, DISA, FLTCYBERCOM, DoDIIS, and IC tools, systems, reporting mechanisms and requirements for C&A.
Technical knowledge of the DoD, IC, and national level system security initiatives and Secure Information/LAN/WAN/Cloud Technologies/Cross, Domain Solutions (CDSs) technologies
Knowledge of development in Oracle Solaris or Red Hat Enterprise Linux
Experience designing, developing and using host based and network based scanning tools; experience with SCAP based tools and specifications.
Experience in OS hardening; securing systems/software IAW IC, DoD, and industry best practices; development of security controls, testing methodologies, and procedures for systems, cloud based architectures and CDSs. (RHEL) environment.
Experience developing in a MS Windows 2012R2 or Windows 10
Knowledge of OpenOffice or LibreOffice integration or development
MS in CS or IT with IA
Active ISSEP certification