The Defense Group at Leidos has an opening for an IT Cyber Security Analyst at Fort Eustis, Virginia.
This is an exciting opportunity to use your experience to support the Army Training Information System (ATIS) Deployed Digital Training Campus (DDTC) program for the United States Army. DDTC is a portable, Warrior Information Training System, which can be setup at any deployed Soldier location around the world. The training campus is a completely self-contained system with 20 laptops, Internet and satellite accessibility. The system can also provide video tele-training and it is designed for Soldiers to conduct structured self -development courses, advanced leader course phase one common core, correspondence courses, and any other program in the Army e-Learning and Army Learning Management System (ALMS) catalogs.
•Maintain compliance of the DDTC program utilizing Risk Management Framework (RMF) in accordance with National Institute of Standards and Technology Special Publication 800-37 (NIST SP 800-37)
•Access the Information Assurance Support Environment (IASE) Security Technical Implementation Guide) STIG repository to download, benchmarks, STIGs and tools
•Scan systems using the Security Control Automation Protocol (SCAP) Compliance Checker
•Utilize the STIG Viewer to create checklists, analyze vulnerabilities, determine findings and prepare remediation and mitigation strategies for RMF Continuous Monitoring requirements
•Review weekly USCYBERCOM Information Assurance Vulnerability Alerts and Bulletins (IAVAs and IAVBs) for applicable vulnerabilities
•Submit weekly Information Assurance Vulnerability Management (IAVM) reports and prepare IAVM and non-IAVM patch packages for manual patch application by system administrators
•Configure scans using the Assured Compliance Assessment Solution (ACAS) Security Center and utilize the Nessus Scanner to routinely scan, analyze results and report IAVM and non-IAVM vulnerabilities to system administrators to ensure systems are patched prior to remediation due dates
•Maintain quarterly RMF STIG Plan of Action and Mitigation (POA&M) and weekly IAVA POA&M
•Prepare and update RMF documentation as part of Continuous Monitoring
•Develop metrics for measuring and improving the effectiveness of the DDTC security plan
•Manages secure systems and security containers in a classified environment
•Communicates directly with military, other contractors, and U.S. Government personnel; therefore, requires excellent oral and written communication skills
•Additional duties may include supporting Technical Writing, Systems Analyst/Administration, Tier2 Help Desk, Test Engineering
•Travel may be required to CONUS and OCONUS locations (minimal)
•B.S. in Cyber Security, Computer Science, Information Technology, or related field and 2 – 4 years of prior relevant experience or Masters with less than 2 years of prior relevant experience or 12 additional years’ of experience in lieu of degree
•Hold DoD-8570 IAT Level 2 baseline certification (Security+ CE or equivalent)
•Experience with Risk Management Framework (RMF)
•Demonstrated hands-on experience with vulnerability scanning solutions
•Demonstrated hands-on experience with the DOD Information Assurance Vulnerability Management program
•Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, defense-in-depth and common security elements
•Experience with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security
•Knowledge of Army Regulation 25-2 (AR25-2), Department of Defense (DoD) 8500 series instructions, Federal Information Security Management Act (FISMA), Federal Information Processing Standards (FIPS) guidelines and (NIST) 800 series to ensure compliance of deployed and local infrastructure assets
•Must have an active DoD Secret Clearance
•Experience with Security Tools
•Understanding of SharePoint
•Understanding of VMware technology
•Understanding of Systems and Test Engineering Processes
•Experience with malware analysis concepts and methods
•Understanding of Department of Defense Military standards
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Secret
Travel:Yes, 10% of the time
Scheduled Weekly Hours:40
Job Family:Cyber Security
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to email@example.com.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.