The Defense group at Leidos has a career opening for an Information Assurance (IA)/Cyber security Engineer on a DISA contract. This role is primarily remote but will also require onsite visits to Ft. Meade,MD.
- Perform ISSO responsibilities, which includes acting as a point of contact and subject matter expert for all cybersecurity related aspects to the assigned information systems, reviewing audit trail logs and scans, and ensuring systems are maintained per security policies and procedures, and maintaining compliance and ongoing reporting to management.
- Perform security scans, analyze scan results, and document findings for products as required to successfully complete continuous monitoring. Scan results and findings are to be documented according to NIST Risk Management Framework (RMF) processes.
- Document and execute a plan for each security assessment and testing task performed in support of project tasks and as tasked for approved project requirements.
- Independently develop and maintain system security documentation, assisting with the implementation of security procedures, and verify information system security requirements.
- Assist with drafting, reviewing, editing, and recommending guidance for Standard Operating Procedures (SOP), Tactics, Techniques, & Procedures (TTP), Plan Of Action and Milestones (POA&M), and Federal Information Security Management Act (FISMA).
- Performing information system Assessment and Authorization planning, testing, assessing and liaison activities.
- Providing architectural / risk based analysis of information assurance/cybersecurity features and relate existing system to future needs and trends and requirements.
- Provide the necessary support to monitor and ensure compliance with information security policies, procedures and regulatory requirements including assistance with internal auditing, reporting, technical reviews, and identification of security risks.
- Working closely with government Information Assurance team to support Authorization to Operate (ATO) accreditation conditions and requirements.
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below.
- Requires BS and 4 - 8 years of prior relevant experience or Masters with 2 - 6 years of prior relevant experience.
- Must possess excellent writing and communications skills; candidate shall have the ability to develop documentation and management level presentation and present the materials to the management team.
- Candidate is expected to have technical knowledge and skills in one of the following areas: systems administration, network engineering, software development, integration and testing, data analytics or security operations.
- Technical understanding of supporting security initiatives, conducting security monitoring, reporting and maintaining security compliance following security regulations and policies.
- Demonstrate potential and willingness to learn and adapt to rapid changes in technology
- Security+, CISSP certification or other security certification that meets DOD 8570 IAT level II.
- Requires a US Citizenship and Top Secret Clearance
- Hands-on experience with Linux and Windows Server Operating Systems and networking.
- Experience with Information Technology hardware & software support and troubleshooting.
- Experience with operating IT security tools; ACAS, HBSS, DISA STIG's, eMASS, HP Fortify and Splunk
- Computer system logging and auditing experience, data search and parsing using basic data analytics skills
- 2+ years of directly relevant experience with of NIST Special publications 800-37 and 800-53.
- Prior experience working IA/Cybersecurity in accordance with US Government (USG), Department of Defense (DOD).