Job #: R-00008506
Location: Bethesda, MD
Category: Info Security
Schedule (FT/PT): Full time
Travel Required: No
Shift: Day
Potential for Telework: No
Clearance Required: Public Trust
Referral Eligibility: Ineligible
Group: Health

Job Description:

The Government Health and Safety Solutions Operation is seeking an Information Security Auditor to support the electronic Research Administration (eRA) team supporting the National Institutes of Health (NIH) in Rockville, MD.

eRA is the enterprise grants management system for NIH and supports over 750,000 users worldwide on a 24x7x365 basis. The candidate is responsible for managing internal audit policies and procedures and conducting audits for eRA on-premises and AWS environments. This position reports directly to the Information System Security Officer (ISSO).

  • Plan and execute security assessments of AWS and on-premises environments
  • Inspect and evaluate information systems, management procedures, and security controls
  • Evaluate the efficiency, effectiveness, and compliance of operation processes with eRA security policies and related government regulations
  • Review or interview personnel to establish security risks and complications
  • Execute and adequately document the audit process
  • Assess the exposures resulting from ineffective or missing control practices
  • Accurately interpret audit results against defined criteria
  • Weigh the relevancy, accuracy, and perspective of conclusions against audit evidence
  • Provide a written and verbal report of audit findings
  • Develop rigorous "best practice" recommendations to improve security on all levels
  • Work with management to ensure security recommendations comply with eRA procedures
  • Collaborate with Development, System Engineering, and Operations teams to improve security compliance, manage risk, and bolster effectiveness
  • Prepare reports to the ISSO on any suspicious system changes


Required Skills:
  • Bachelor's degree or equivalent work experience
  • 4+ years in Information Security
  • 2+ years AWS security experience
  • Experience with IT Controls frameworks and standards: HVA, HHS, NIST 800-53

Preferred Qualifications:
  • Professional/technical certifications such as CISA, CISSP, GSEC, or CISM
  • Knowledge of Grants Management and Health Care related support activities, processes, and regulations is preferred
  • Ability to obtain a Public Trust Clearance is required

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 31,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.17 billion for the fiscal year ended December 29, 2017. (NYSE: LDOS) All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.