Leidos currently has an opening for an Information System Security Officer (ISSO) to work in our Arlington, VA office. This is an exciting opportunity to use your experience helping multiple contracts mission. This position will support the multiple programs and projects housed at that location. The ISSO will establish and document standard security procedures in accordance with the NIST RMF and JSIG requirements. The ISSO will coordinate with business area managers /professional staff on system security compliance. The ISSO will be responsible for maintaining RMF Information System ATOs. They will conduct periodic reviews to ensure compliance with established policies and procedures. This will include, but nor be limited to ensuring that all software, hardware and firmware changes recorded as required by established configuration management procedures. The ISSO will ensure implementation of security features for the detection of malicious code, viruses, and intruders (hackers), as appropriate. Ensure systems are operated, maintained and disposed of in accordance with applicable governing policies and procedures. Assist in performing IS security briefings to authorized individuals prior to those users gaining access classified information systems. Report all security incidents to the ISSO, and be required to investigate, document and report, as well as provide protective and corrective measures in response to such incidents.
- Ensure system support needs are met for certification & accreditation, system implementation, operation & maintenance, and IA compliance.
- Engineer, implement, and enforce technical and administrative security measures and processes to ensure all system achieve and maintain government compliance with directives outline in the JAFAN 6/3, JSIG, ICD 503, DODIIS, and NISPOM Chapter 8.
- Responsible for maintaining System Security Plans (SSP) and all documentation associated with Federal Information System Management Act
- Assist with providing security solutions to optimize performance and ensure security measures are optimized.
- Install, configure and maintain network equipment such as switches, end point protection, patches, firewalls and intrusion detection systems
- Support the Information Systems Certification and Accreditation process as needed.
- Responsible for implementing and maintaining security policies and procedures
- Responsible for ensuring proper protection or corrective measures have been taken when an incident or vulnerability has been discovered.
- Responsible for responding to security incidents and for investigating and reporting security violations and incidents, as appropriate.
- Assist with maintaining the information security education program, including leading training as required.
- Ability to work as a team.
- Bachelor's degree and 8 - 12 years related experience in Information Systems, Computer Science or related field or a Master's with 6 - 10 years of related experience. Additional relevant experience, training, and / or certification may be considered in lieu of degree.
- Strong experience with Information Security, supporting processes and procedures.
- Candidates must have an active Top Secret clearance.
- CISSP Certification must be obtained within 6 months of hire.
- Highly desired are security certifications including a CISSP or CISM.
- Additional desired certifications include CCNA, CCSP, MCSE, and/or SANS GIAC.
- Experience with Windows and Linux.