Department of Homeland Security (DHS), Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a new shared DHS incident tracking system and other means of coordination and communication.
The DHS SOC Support Service Program has a critical need for a Senior Cyber Security Policy Analyst. This is a full time funded position based in Washington DC.
The ideal candidate is very detail oriented with strong written and oral communication skills as well as a strong technical background. He/she will be responsible for planning, developing, finalizing, and reviewing key deliverables in each stage. As a result, a strong understanding of standards and requirements outlined by NIST, HIPPA and other federal guidelines is required. The Cyber Security Analyst will be actively engaged in identifying unique system characteristics, interviewing key organizational personnel (technical, administrative, and executive), and working with the consulting team to develop and manage security documentation throughout the system lifecycle in support of NIST and HIPPA requirements. This includes, but is not limited to; security categorizations, system security plans, privacy impact assessments, contingency plans, configuration management plans, incident response plans, POA&Ms, vulnerability assessment reports, and a strong understand of the Risk Management Framework (RMF).
Duties will consist of, but are not limited to, the following:
Participate in relevant Government meetings as required in support of analyzing and planning for the Government;
Analyze current DHS cybersecurity policies, processes, capabilities, authorities, architectures for applicability to DHS OCISO systems, cybersecurity processes, and CIO responsibilities;
Provide recommendations for improvements on proposed policies and strategies; Assess gaps in existing DHS OCISO policy and propose amendments to address those gaps.
Participate in the development and implementation of enterprise-level policy directives and other guidance materials; disseminates policy directives, including the development of supplemental guidance materials essential to ensure affected organizations' understanding of implications for their operations.
- Bachelor's degree or higher in Computer Science, Cyber Security, Computer Engineering, or related discipline
- 12 years of work experience related to the job description or 10 years with a Masters degree
- Must be able to obtain a DHS Suitability Clearance (EOD)
- Working face-to-face with leadership and clients interviewing, planning, or participating in a team effort to bring multiple complex projects to completion.
- Understanding of NIST, Specifically NIST 800-171 and NIST 800-53
- Understanding of RMF.
- Understanding of POAM.
- Assess/audit systems to analyze risk and report on identified weaknesses.
- Conducting in-depth technical reviews of new and existing IT systems in order to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines.
- Providing ongoing gap analysis of current policies, practices, and procedures as they relate to established guidelines outlined by NIST, etc.
- Demonstrated experience with the legislative and interagency policy processes, and with international bodies and processes that handle cyber security and standards issues.
- Demonstrated knowledge of cyber security issues and the capabilities, current missions, and equities of the IC.
- 5+ years working in or in support of the Federal cyber security or cyber intelligence mission is highly desired
Certification: CISSP, CISM, or GSLC
External Referral Bonus:Ineligible
Potential for Telework:No
Clearance Level Required:Other Clearance
Scheduled Weekly Hours:40
Job Family:Info Security
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to firstname.lastname@example.org.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.