Job Requisition:Risk/Vulnerability Analyst SME
No two career paths will ever look the same. At Leidos, we know the most talented and diverse IT and cyber security professionals will always have a multitude of career choices; your time at Leidos will be a wise investment in your career and in yourself. We welcome your perspective and ideas, in order to foster collaboration and deliver world-class solutions. We look for solutions that not only transform businesses, but change the world.
Department of Homeland Security (DHS), Federal Emergency Management Agency (FEMA) GRC is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to FEMA networks through monitoring, vulnerability analysis, security control assessments, and risk management services to FEMA information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The FEMA is responsible for the overall security of FEMA Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.
The DHS FEMA Program has a critical need for Cyber Security Risk/Vulnerability Analyst SME. This is a full time position based at Washington DC
Duties may include:
- Identifies and classifies vulnerabilities as applicable to FEMA information systems
- Conducts vulnerability scans using Tenable Nessus (Security Center), WebInspect, AppDetective, Burp Suite, and other vulnerability management tools
- Aids in the management and administration of vulnerability scanning infrastructure (hardware and software)
- Conducts detailed risk analysis based on enterprise vulnerability footprint
- Making recommendations to senior leadership based on the results of scanning and analysis of a systems level of risk in correlation with the Authority to Operate (ATO) process.
- Serving as an expert in the areas of NIST 800 series, STIGS, and FISMA requirements.
- Collaborating with System Owners, Information Security System Officers (ISSOs), and others to mitigate identified vulnerabilities.
In addition, the SME will lead and mentor other GRC Support Staff and will communicate with executive leadership regarding matters of significant importance to the DHS FEMA Program.
Must have expertise in at least one of the following specialized areas: - Certification & Accreditation - Risk Management - Network/Information System Security Controls - Monitoring and detection - Vulnerability assessment and penetration testing - Information Systems Security Operations and Management.
EDUCATION & EXPERIENCE:
Requires Bachelors Degree in Computer Science, Engineering, Information Technology, Cyber Security, or related field and 12 to 15 years of prior relevant experience or Masters with 10 to 13 years of prior relevant experience. May possess a Doctorate in technical domain. Prior relevant experience should be in the areas of cyber security.
Minimum of current Secret clearance with ability to obtain TS/SCI Clearance. In addition to specific security clearance requirements all Department of Homeland Security employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
In addition, 3 to 7 years of specialized experience in one or more of the following areas:
Certification & Accreditation
Information Systems Risk Management
Cyber intelligence analysis
Must demonstrate expertise with several of the following scanning tools:
Should have at least one of the following senior level certifications: CISSP, CEH, CASP, CISA.
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Secret
Scheduled Weekly Hours:40
Job Family:Cyber Security4000Civil
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.