Job Requisition:Sr. Cyber Security Control Analyst
Leidos is seeking a Senior Cyber Security Analyst supporting a mission-critical program in Washington, DC. This position is responsible for supporting Assessment and Authorization (A&A) of the US Department of State (DOS) major applications. This position will require significant interaction with the DOS and contractor staff and with the DOS Information Assurance (IA) office. Active DOD Secret Clearance required.
•Lead large/complex security assessments of customer systems, services, and programs
•Support and interact with customers, at the highest levels, as well as providing oversight to less experienced staff•Analyze customer processes and configurations to verify that previously identified flaws have been corrected, and document the results
•Develop approaches for industry-specific threat analyses, application-specific penetration tests, and the generation of vulnerability reports
•Develop detailed remediation reports and recommendations for compliance and security improvements across industries based on changing threats
•Develop and update a consistent approach to information security programs and adherence with best practices
•Articulate requirements and other information in written documentation and effectively communicate technical and non-technical concepts to a variety of audiences
•Demonstrated strong organizational and time-management skills: multitasking, working individually and with a team, having a positive attitude, being self-motivated and reliable, being trustworthy, having strong interpersonal and diplomatic skills, and being able to handle stress in a professional manner
•Bachelor’s Degree in a related field, or equivalent; and 6+ years related experience
•Prior experience assessing Federal information systems’ compliance with the Federal Information Security Management Act (FISMA). Specifically, conducting independent security control assessments in accordance with NIST SP 800-53, 800-53A, CNSSI 1253, and the Risk Management Framework (RMF) described in NIST SP 800-37
•Knowledge of risk management practices and security program development including change management, access control, and physical security
•Experience involving configuration, deployment, and administration of network appliances, operating systems, and databases
•Technical skills in one or more focus areas (e.g. networking, messaging support (Exchange), Active Directory, system administration, etc.)
•You must have an Active DoD Secret Clearance and be able to obtain and maintain a Top Secret clearance
•ISC2 Certified Authorization Professional (CAP)
•Hands-on experience with and knowledge of IT security architecture and design (e.g., firewalls, intrusion detection systems, virtual private networking, virus protection technologies, LAN/WAN design, and/or general internetworking technologies)
•Experience with one or more information security frameworks such as SAS70/SSAE No. 16, PCI, NERC CIP, Nuclear Energy Institute (NEI) 0809, HIPAA, GLBA, SOX, etc.
•Broad understanding of risk management practices and security program development including change management, access control, and physical security
•Experience with change management processes.
•Have a Security+ certification and actively working towards the CISSP
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Top Secret
Scheduled Weekly Hours:40
Job Family:Cyber Security-Intelligence
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to email@example.com.
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.