To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face to face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at https://career-events.leidos.com.

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face to face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by Leidos.com automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.

Close Window
Join our talent network

Job #: R-00033157-OTHLOC-PL-2D2813
Location: Vicksburg, MS
Category: Information Assurance
Schedule (FT/PT): Full Time
Travel Required: Yes, 10% of the time
Shift: Day
Potential for Telework: Yes
Clearance Required: Secret
Referral Eligibility: Eligible
Group: Defense

This job posting is no longer active.

Share: mail twitter linkedin

Description

Job Description:

Leidos Enterprise & Cyber Solutions Defense team is seeking a Cloud Information System Security Manager (ISSM) to work with a team of other ISSMs charged with overseeing multiple USACE cloud environments defining and managing cybersecurity to achieve and maintain authorizations under the Risk Management Framework.  This position will support multiple cloud systems and projects.  The ISSM will establish and document standard security procedures in accordance with the Risk Management Framework (RMF) requirements. The ISSM will coordinate with business area managers /professional staff on system security compliance. The ISSM will be responsible for implementing, maintaining and supporting RMF Information System ATOs. They will conduct periodic reviews to ensure compliance with established policies and procedures. This will include, but not be limited to ensuring that all software, and system changes recorded as required by established configuration management procedures. The ISSM will ensure implementation of security features for the detection of malicious code, viruses, and intruders (hackers), as appropriate. Ensure systems are operated, maintained and disposed of in accordance with applicable governing policies and procedures. 

Regular tasking would include but not be limited to secure baseline identification and validation per security categorization and subsequent system security plan, vulnerability and threat assessment, FEDRAMP and DISA Cloud Access Point interactions and direct the DoD RMF accreditation process to achieve ATOs using Enterprise Mission Assurance Support Service (eMASS).  

Clearance: You must hold a current and active DoD Secret security clearance to qualify!

Location: Vicksburg, MS or 100% telework from any U.S. Based location

PRIMARY RESPONSIBILITIES:

  • Develop and maintain USACE enterprise cloud cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures.
  • Ensure that cloud information owners and stewards associated with USACE/DoD information received, processed, stored, displayed, or transmitted on each USACE enterprise system are identified in order to establish accountability, access approvals, and special handling requirements.
  • Develop and maintain eMASS records for all USACE cloud system-level cybersecurity-related documentation.
  • Ensure that ISSMs/ISSOs are appointed in writing and provide oversight to ensure that they are following established cybersecurity policies and procedures.
  • Monitor compliance with cybersecurity policy, as appropriate, and review the results of such monitoring.  This includes Cloud Service Providers and Cyber Security Service Providers.
  • Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.
  • Ensure implementation of IS security measures and procedures, including reporting incidents to the AO and appropriate reporting chains and coordinating system-level responses to unauthorized disclosures in accordance with DoD, Army, and USACE policies, processes, and procedures.
  • Act as a cloud cybersecurity technical advisor to the AO for USACE cloud systems under their purview.
  • Ensure that cybersecurity-related events or configuration changes that may impact USACE cloud systems authorization or security posture are formally reported to the AO and other affected parties, such as information owners and stewards and AOs of interconnected DoD ISs.
  • Ensure the secure configuration and approval of IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to a USACE cloud system.

REQUIRED QUALIFICATIONS:

  • Bachelor’s degree in Computer Science/Information Technology preferred; Bachelor in other major with years of experience and certification is acceptable, and 8+ years of experience.  Equivalent work experience may be considered in lieu of degree.
  • Must hold active DOD Secret Clearance.
  • Must hold current DOD 8570.01, IAM-I/IAM-II/IAM-III (CISSP or CAP or CISM-required for IAM-II and IAM-III)

Eight (8) or more years’ experience in the following areas:

  • Cyber security, Information Assurance/Information System Security Engineering for Cloud initiatives
  • FEDRAMP certification process and DISA Cloud Access Point process
  • RMF Assessment & Authorization (NIST SP800-53A, CNSSI 1253, DOD8500.1, DOD 8510.01)
  • DISA STIG and SRR compliance test and verification 
  • ACAS/SCAP vulnerability scanning and secure baseline/system security plan continuous monitoring
  • DoD and Army Information Security regulations, publications, and policy 
  • Demonstrated experience applying security risk assessment methodology to system development and existing IT infrastructure, including threat model development, vulnerability assessments, and resulting security risk analysis

PREFERRED QUALIFICATIONS:

  • FEDRAMP certification process and DISA Cloud Access Point process
  • Working knowledge of standard cloud technologies to include IaaS, PaaS, and SaaS
  • Experience with :
  • Microsoft Azure, AWS, or OCS
  • HBSS
  • ACAS
  • Information Assurance, Cyber Security, and Assessment & Authorization experience
  • Experience developing A&A documentation from scratch and performing assessments.
  • Demonstrate proficiency in the following areas: research, multi-tasking, critical thinking; and the ability to work quickly, efficiently and accurately in a dynamic and fluid environment.

External Referral Bonus:

Eligible

Potential for Telework:

Yes

Clearance Level Required:

Secret

Travel:

Yes, 10% of the time

Scheduled Weekly Hours:

40

Shift:

Day

Requisition Category:

Professional

Job Family:

Information Assurance

Leidos

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

This job posting is no longer active.

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community