The Defense & Intelligence Group of Leidos has an opening for a Cyber Security Specialist at the Pentagon, National Capital Region.
Cyber Security Specialist in support of the AFNCR IT Services program at the National Military Command Center (NMCC). The AFNCR IT Services program provides support services for information systems for Headquarters Air Force (HAF), Air Force District of Washington (AFDW), Office of the Secretary of Defense (OSD), Joint Chiefs of Staff, and other Air Force activities within the AFNCR missions to include the Pentagon, Joint Base Andrews (JBA), Joint Base Anacostia-Bolling (JBAB), and other locations, leased spaces, and alternate sites. The major support areas are: IT Operations and Maintenance; Plans, Projects, and Engineering (PP&E). The senior leaders and national defense missions that are supported require that the AFNCR operations never fail, resulting in a fast-paced, challenging, but also rewarding environment. The Cyber Security Specialist will be responsible for creating cyber security strategies that ensures compliance to industry best practices and government regulations, performing compliance monitoring, providing remediation strategies, and maintaining the compliance of the organization.
Review system security A&A package submissions for consistency, completeness and traceability ensuring compliance with current AF A&A guidance.
• Maintain SOP checklists for each package to ensure compliance.
• Provide package compliance reports which list specific rework actions to Government customers and the submitting Program.
• Identify key stakeholders in A&A efforts and ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, and assist customer with artifact creation, etc.
• Identify potential risks associated with system configurations and advise on mitigation strategies.
• Participate in A&A status meetings and facilitate moving systems toward a successful A&A effort.
• Assist to estimate Level of Effort (LOE) involved in performing A&A activities.
• Assist to develop and implement detailed test plans and review findings from self-assessments to determine readiness for independent validation and verification (IV&V) assessment.
• Assist customer program offices in interpreting and applying mitigation strategies.
• Conduct test results and analyze them for accuracy, compliance, and adherence to Federal cybersecurity requirements.
• Conduct thorough reviews of all vulnerabilities, architecture, and defense in depth strategies and report findings in POA&Ms document.
• Document residual risks and provide the cybersecurity risk analysis and mitigation determination results.
• Produce risk assessment artifacts describing initial risks during system development and residual risks identified during IV&V.
• Maintain cybersecurity policy and processes as assigned.
• Must be able to analyze, interpret, and apply Federal cybersecurity guidance to customer needs.
• Communicate the security posture of systems through designated reporting mechanism.
• Collaborate with other team members in the cybersecurity realm and other duties as assigned.
• Bachelor's degree with 8+ years of relevant experience. Additional years of related experience, training, and/or certifications accepted in lieu of a degree.
• Experience with DoD Risk Management Framework (RMF).
• Currently possess DoD IAT Level II certification, Security+ CE or higher.
• Currently possess a DoD Top Secret Security Clearance with the ability to obtain SCI.
• Consistent experience in the following areas: Cybersecurity policy, procedures, and processes, including RMF and NIST 800-53 and A&A's.
• Experience developing A&A documentation from scratch and performing assessments.
• Demonstrate proficiency in the following areas: multi-tasking, critical thinking; and the ability to work quickly, efficiently and accurately in a dynamic and fluid environment.