The Defense & Intelligence Group of Leidos has an opening for a Cyber Security Specialist at the Pentagon, Washington DC.
Cyber Security Specialist in support of the AFNCR IT Services program at the National Military Command Center (NMCC). The AFNCR IT Services program provides support services for information systems for Headquarters Air Force (HAF), Air Force District of Washington (AFDW), Office of the Secretary of Defense (OSD), Joint Chiefs of Staff, and other Air Force activities within the AFNCR missions to include the Pentagon, Joint Base Andrews (JBA), Joint Base Anacostia-Bolling (JBAB), and other locations, leased spaces, and alternate sites. The major support areas are: IT Operations and Maintenance; Plans, Projects, and Engineering (PP&E). The senior leaders and national defense missions that are supported require that the AFNCR operations never fail, resulting in a fast-paced, challenging, but also rewarding environment. The Cyber Security Specialist will be responsible for creating cyber security strategies that ensures compliance to industry best practices and government regulations, performing compliance monitoring, providing remediation strategies, and maintaining the compliance of the organization.
Review system security A&A package submissions for consistency, completeness and traceability ensuring compliance with current AF A&A guidance
• Maintain SOP checklists for each package to ensure compliance
• Provide package compliance reports which list specific rework actions to Government customers and the submitting Program.
• Identify key stakeholders in A&A efforts and ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, and assist customer with artifact creation, etc.
• Identify potential risks associated with system configurations and advise on mitigation strategies
• Participate in A&A status meetings and facilitate moving systems toward a successful A&A effort
• Assist to estimate Level of Effort (LOE) involved in performing A&A activities
• Assist to develop and implement detailed test plans and review findings from self-assessments to determine readiness for independent validation and verification (IV&V) assessment
• Assist customer program offices in interpreting and applying mitigation strategies
• Conduct test results and analyze them for accuracy, compliance, and adherence to Federal cyber security requirements
• Conduct thorough reviews of all vulnerabilities, architecture, and defense in depth strategies and report findings in POA&Ms document
• Document residual risks and provide the cyber security risk analysis and mitigation determination results
• Produce risk assessment artifacts describing initial risks during system development and residual risks identified during IV&V
• Maintain cyber security policy and processes as assigned
• Must be able to analyze, interpret, and apply Federal cyber security guidance to customer needs
• Communicate the security posture of systems through designated reporting mechanism
• Collaborate with other team members in the cyber security realm and other duties as assigned
• Bachelor's degree with 8+ years of relevant experience. Additional years of related experience, training, and/or certifications accepted in lieu of a degree.
• Experience with DoD Risk Management Framework (RMF).
• Currently possess DoD IAT Level II certification, Security+ CE or higher.
• Currently possess a DoD TS/SCI Security Clearance.
• Consistent experience in the following areas: Cyber Security policy, procedures, and processes, including RMF and NIST 800-53 and A&A's
• Experience developing A&A documentation from scratch and performing assessments
• Demonstrate proficiency in the following areas: multi-tasking, critical thinking; and the ability to work quickly, efficiently and accurately in a dynamic and fluid environment