Leidos Defense Group is seeking an A&A Cyber Security Engineer to support our Joint Regional Security Stack (JRSS) team in Ft. Meade MD. You must hold an active Secret Clearance to qualify.
As the A&A Cyber Security Engineer, you will serve as the principle advisor ensuring appropriate operational security posture for the JRSS. You will guide and advise on all matters involving the Risk Management Framework (RMF), Assessment and Authorizations (A&A) and day-to-day security of JRSS.
- Managing and documenting A&A projects using Xacta IA Manager and Enterprise Mission Assurance Support Service (eMASS) A&A workflow platforms.
- Advise, conduct and document risk assessments, development of System Security Plans (SSP), Plans of Action and Milestones (POA&M) and security policies and procedures
- Provide guidance in the implementation of security controls, doctrine and policies.
- Implement information assurance (IA) and security standards and procedures to identify, report and resolve security violations.
- Establish and satisfy IA and security requirements based upon user, policy, regulatory, and resource demands.
- Integrate and implement computer system security solutions. Analyze general IA related technical problems and support in solving these problems.
- BS degree in Computer Science, or other comparable technical degree from an accredited college/university and 12 - 15 years of prior relevant experience or Masters with 10 - 13 years of prior relevant experience.
- At least 8 years of C & A experience in an Information Assurance or Cyber Security environment is required.
- Per contract requirements, U.S. citizenship and a minimum of active Secret Clearance is required.
- Must have 8570 IAT Level II certification
- Security certificates such as CISSP, CISM, GSLC, or CASP.
- Experience in performing risk assessment, IT audits, security planning, systems accreditation and policy development.
- Experience complying with DoD regulations and preparing for responding to information security audits and questionnaires.
- Understanding of related information technology (e.g. firewalls, VPN, virtualization, DLP, etc) and physical security assets.
- Understanding of basic networking, routing and transport security technologies and architectures
- Knowledge of domain structures, user authentication, data encryption, access audits and end-user security best practices.
- Experience with UNIX/LINUX OS and any scripting language.
- Experience working with IDS/IPS and processes.
External Referral Eligible