The Defense Group of Leidos has an opening for a Information Systems Security Officer at the Pentagon, National Capital Region.
The ISSO in support of the AFNCR IT Services program at the National Military Command Center (NMCC). The AFNCR IT Services program provides support services for information systems for Headquarters Air Force (HAF), Air Force District of Washington (AFDW), Office of the Secretary of Defense (OSD), Joint Chiefs of Staff, and other Air Force activities within the AFNCR missions to include the Pentagon, Joint Base Andrews (JBA), Joint Base Anacostia-Bolling (JBAB), and other locations, leased spaces, and alternate sites. The major support areas are: IT Operations and Maintenance; Plans, Projects, and Engineering (PP&E). The senior leaders and national defense missions that are supported require that the AFNCR operations never fail, resulting in a fast-paced, challenging, but also rewarding environment. The Cyber Security Specialist will be responsible for creating cyber security strategies that ensures compliance to industry best practices and government regulations, performing compliance monitoring, providing remediation strategies, and maintaining the compliance of the organization.
- Review system security A&A package submissions for consistency, completeness and traceability ensuring compliance with current AF A&A guidance.
- Maintain SOP checklists for each package to ensure compliance.
- Provide package compliance reports which list specific rework actions to Government customers and the submitting Program.
- Identify key stakeholders in A&A efforts and ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, and assist customer with artifact creation, etc.
- Identify potential risks associated with system configurations and advise on mitigation strategies.
- Participate in A&A status meetings and facilitate moving systems toward a successful A&A effort.
- Assist to estimate Level of Effort (LOE) involved in performing A&A activities.
- Assist to develop and implement detailed test plans and review findings from self-assessments to determine readiness for independent validation and verification (IV&V) assessment.
- Assist customer program offices in interpreting and applying mitigation strategies.
- Conduct test results and analyze them for accuracy, compliance, and adherence to Federal cybersecurity requirements.
- Conduct thorough reviews of all vulnerabilities, architecture, and defense in depth strategies and report findings in POA&M document.
- Document residual risks and provide the cybersecurity risk analysis and mitigation determination results.
- Produce risk assessment artifacts describing initial risks during system development and residual risks identified during IV&V.
- Maintain cybersecurity policy and processes as assigned.
- Must be able to analyze, interpret, and apply Federal cybersecurity guidance to customer needs.
- Communicate the security posture of systems through designated reporting mechanism.
- Collaborate with other team members in the cybersecurity realm and other duties as assigned.
- Bachelor's degree with 8+ years of relevant experience. Additional years of experience, training, and/or certifications accepted in lieu of a degree.
- Experience with DoD Risk Management Framework (RMF).
- Currently possess DoD IAT Level II certification, Security+ CE or higher.
- Currently possess a DoD Top Secret Security Clearance with the ability to obtain SCI.
- Must have 5 years of experience with NMCC / National Military Command Center customer.
- Consistent experience in the following areas: Cybersecurity policy, procedures, and processes, including RMF and NIST 800-53 and A&A’s.
- Experience developing A&A documentation from scratch and performing assessments.
- Demonstrate proficiency in the following areas: multi-tasking, critical thinking; and the ability to work quickly, efficiently and accurately in a dynamic and fluid environment.
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Top Secret/SCI
Scheduled Weekly Hours:40
Job Family:Cyber Security
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.