Leidos currently has an opening for an Information System Security Manager (ISSM) to work in our Arlington, VA office. This is an exciting opportunity to use your experience helping multiple contracts mission. This position will support the multiple programs and projects housed at that location. The ISSM will establish and document standard security procedures in accordance with the Risk Management Framework (RMF) and the Joint Security Implementation Guide (JSIG) requirements. The ISSM will coordinate with business area managers /professional staff on system security compliance. The ISSM will be responsible for implementing, maintaining and supporting RMF Information System ATOs. They will conduct periodic reviews to ensure compliance with established policies and procedures. This will include, but nor be limited to ensuring that all software, hardware and firmware changes recorded as required by established configuration management procedures. The ISSM will ensure implementation of security features for the detection of malicious code, viruses, and intruders (hackers), as appropriate. Ensure systems are operated, maintained and disposed of in accordance with applicable governing policies and procedures. Assist in performing IS security briefings to authorized individuals prior to those users gaining access classified information systems.
- Act as ISSM for multiple systems and programs to ensure system support needs are met for certification & accreditation, system implementation, operation & maintenance, and IA compliance.
- Responsible for creating and maintaining System Security Plans (SSP), Security Control Traceability Matrix (SCTM), Plan of Actions and Milestones (POA&M) and all documentation associated with RMF process for supported systems.
- Provide security solutions to optimize performance and ensure security measures are optimized.
- Manage the installation, configuration and maintenance of network equipment such as switches, end point protection, patches, firewalls and intrusion detection systems
- Responsible for implementing and maintaining security policies and procedures
- Responsible for ensuring proper protection or corrective measures have been taken when an incident or vulnerability has been discovered.
- Responsible for responding to security incidents and for investigating and reporting security violations and incidents, as appropriate.
- Work with external entities in order to maintain the authorizations of existing systems and networks.
- Ability to work as a team.
- Bachelor's degree and 12 plus years related experience in Information Systems, Computer Science or related field or a Master's with 10 plus years of related experience. Additional relevant experience, training, and / or certification may be considered in lieu of degree.
- Strong experience with Information Security, supporting processes and procedures.
- Candidates must have an active Top Secret clearance.
- CISSP Certification must be obtained within 6 months of hire.
- Highly desired are security certifications including a CISSP or CISM.
- Additional desired certifications include CCNA, CCSP, MCSE, and/or SANS GIAC.
- Experience with Windows and Linux.