The Defense Group of Leidos has a career opportunity for a talented, mid-level Cybersecurity Analyst in Abingdon, MD to support a critical modernization effort of the Advanced Field Artillery Tactical Data System (AFATDS) in order to satisfy the vision of Program Executive Office (PEO) Command Control Communications - Tactical (C3T) and Project Manager Mission Command.
The AFATDS is a multi-service, automated command, coordination, communication, and computing system that provides automated fire support and coordination to all echelons, from firing unit through theater level, at Army, Marine Corps, Naval Firing Platforms, Navy Command and Amphibious Assault Ships, Air Force Operations Centers, and Joint Command and Control Centers. AFATDS enables the automatic application of the Force Commander’s guidance in the Fires Warfighting Function to plan, execute, and deliver effects at all levels of command within the current and future force. AFATDS can automatically tailor the selection of fire support assets (field artillery, mortars, close air support, naval gunfire, attack helicopters, and offensive electronic warfare assets) based on the Commander’s guidance, thereby enabling maximum effective use of all available fire support assets across the full spectrum of conflict.
This effort is to meet the government’s objective to modernize the underlying AFATDS architecture, redesign the AFATDS front-end to a fully web- and role-based user interface, integrate common services made available through the Army’s Common Operating Environment (COE), and incorporate advanced embedded training technologies to aid in operator-initiated system instruction and refresher training.
- This position is for a risk management focused cybersecurity engineer
- Review software requirements to identify security and safety critical software functions
- Design and test application and system-level insider threat mitigations
- Design positive and negative test scenarios to confirm functionality of safety and security critical software mitigations
- Perform module and unit testing of cyber security features, including manipulation of data for analysis of security requirements
- Support creation and updating of all relevant documentation and specifications for secure design, secure development and security testing, including assisting with cyber security subsystem requirements decomposition
- BS degree and 8 – 12 years of prior relevant experience or Masters with 6 – 10 years of prior relevant experience. May possess a Doctorate in technical domain or
- Candidate must possess advanced cybersecurity management certificate such as CISSP, CISM, GISP, CASP or equivalent certification
- Experience with all phases of the NIST Risk Management Framework (RMF)
- Experience with writing, reviewing and testing software requirements.
- Experience evaluating, scoring, and documenting security compliance of RMF controls, DISA CCIs, and STIG vulnerability IDs
- Able to multi-task, self-assign work, and function in a dynamic, fast-paced environment
- Good verbal and written skills
- Proficiency with MS Office Products (Word, Excel, Visio, & PowerPoint)
- Ability to obtain a DoD SECRET security clearance
- US Citizenship is required
- Experience with RMF in a software development environment is strongly preferred
- Experience with software or system vulnerability analysis reports (HP Fortify, BurpSuite Pro, Metasploit Pro, OpenVAS, ACAS, or SCAP).
- Experience with Static code / dynamic code analysis.
- Experience in penetration, web app or security scanning testing
- Experience deploying and maintaining security tools (Security Information and Event Management, Vulnerability Scanning, Electronic Policy Orchestrator, etc.)
- Experience in applying Security and Technical Implementation Guides (STIGs) to software technologies
- Experience with standards 800-171, 800-53, and 882E.
- Experience with AFATDS, Army Common Operating Environment (COE), VMF messaging or other PMO systems
- Currently possess an active DoD SECRET security clearance
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:None
Scheduled Weekly Hours:40
Job Family:Info Security
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to firstname.lastname@example.org.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.