Leidos' Government Health & Safety Solutions Group is looking for a full time Senior Information Security Analyst to support the Food and Drug Administration (FDA) Data Center program. This position is contingent upon contract award.
- Lead/coordinate the threat mitigation and remediation support tasks.
- Perform risk analyses and risk assessments.
- Develop security standards.
- Track and remediate information security deficiencies/ gaps identified by audits, reviews, security control assessments, and tests.
- Operate, manage, maintain, configure, tune, and upgrade Security Content Automation Protocol (SCAP) compliant tools to report security configuration and vulnerability information.
- Evaluate threats and vulnerabilities based on knowledge of the computing infrastructure and issue alerts.
- Determine and apply the appropriate corrective action for detected security incidents and exploits.
- Identify any unauthorized devices or software on the network through real time detection.
- Test all network resources against established configuration guidelines to verify they are up-to-date.
Provide documentation of the corrective action recommendations and ensure that planned remediation activities are captured as Plan of Action and Milestones (POA&Ms).
- Identify any gaps and remediate any deficiencies identified by the Continuous Diagnostics and Mitigation (CDM) tools and applications.
- Identify, track, and remediate all FDA approved exceptions to identified vulnerabilities to ensure all issues are tracked until resolution has been completed.
- Execute emergency security request for action as approved by executive management.
- Provide artifacts and system demonstrations as requested to support assessments, audits, and data calls. Remediate any vulnerabilities identified during audits or assessments.
- Create, manage, and maintain an SOP, Target State Diagrams (TSD), SCP, installation guide, and CONOPS.
- Experience in leading enterprise level security operation task.
- Experience provide technical guidance in software engineering techniques and automated support tools.
- Experience in applying an enterprise-wide set of disciplines for the planning, analysis, design and construction of information systems on an enterprise-wide basis or across a major sector of the enterprise.
- Experience in analyzing and defining security requirements. Experience in designing, developing, engineering and implementing solutions in accordance to requirements.
- Experience gathering and organizing technical information about an organization's mission goals and needs, existing security products, and ongoing programs
- Experience performing risk analyses and risk assessments and developing security standards.
- Demonstrated hands-on experience with the following tools (or equivalents); Splunk, Solarwinds, Nessus, McAfee, Palo Alto Next Generation FW, CheckPoint Firewall.
- Experience with monitoring IT infrastructure and associated enterprise services.
- Experience tuning and configuring monitoring tools to maintain proper thresholds, notification of service interruptions, analysis and planning, root cause analysis, and communication escalation
- Experience with vulnerability scanning, configuration compliance, patch compliance and associated reporting to proactively identify security vulnerabilities that can be mitigated with OS and COTS patching.
- Experience supporting incident management, problem management, and integrating new technologies into these processes.
- Experience, implementation of client and server anti-virus software to ensure a pro-active approach to reducing spam, phishing attempts and other external sources of malware that may threaten data or application availability.
- Working knowledge of System Network & Security Monitoring tools for management of high availability systems.
- Active CCNA, CISSP, and Security+ certifications
- Familiarity with Cloud Computing, and Compute/Storage technologies (virtualization)
Education and Years of Experience:
BS degree and 8 – 12 years of prior relevant experience or Masters with 6 – 10 years of prior relevant experience.
Clearance Level Required:
Public Trust. Must be eligible for Tier 4 – Sensitive High Risk
Yes, 10% of the time
External Referral Bonus:Ineligible
Potential for Telework:Yes
Clearance Level Required:Public Trust
Travel:Yes, 10% of the time
Scheduled Weekly Hours:40
Job Family:Info Security
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to firstname.lastname@example.org.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.