To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face to face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at https://career-events.leidos.com.

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face to face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by Leidos.com automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.

Close Window
Join our talent network

Job #: R-00041006
Location: Alexandria, VA
Category: Information Assurance
Schedule (FT/PT): Full Time
Travel Required: No
Shift: Day
Potential for Telework: No
Clearance: Top Secret/SCI
Referral Eligibility: Eligible
Group: Intelligence

This job posting is no longer active.

Share: mail twitter linkedin

Description

Job Description:

Leidos is seeking an Information Security Systems Engineer (ISSE) to support a large IT contract at its customer location in Tampa, FL. This ISSE role is part of larger team of ISSEs under the contract’s Security Team. The ISSE will be responsible for achieving individual and team objectives for:

  • Maintaining the accreditation of the assigned Security Plans to the ICD 503 RMF requirements
  • Ensuring that the architecture and design of DoD information systems are functional and secure. 
  • Providing security subject matter expertise at all engineering, change, configuration control and other meetings. 
  • Participating in risk assessment during the certification and accreditation process. 

Job Responsibilities & Duties:

  • For all assets maintained and falling under the Leidos contract area of responsibility, the ISSE will conduct the following activities:
  • Provide assessment and authorization (A&A) services in accordance with ICD 503 Risk Management Framework.  To include:
  • Collection and review of ACAS scans.  Document and recommend mitigation actions
  • Collection and review of STIG scans.  Document and recommend mitigation actions
  • Address identified and relevant controls from the IA Requirement Catalog (IRAC)
  • Prepare Test Plan to address identified controls
  • Use XACTA 360 and the accreditation process flow within.  Know where and when to update.
  • Use HBSS to create tags, look up equipment, apply tags and export reports
  • Use Tenable Security Center to retrieve reports from the Nessus Manager
  • Support A&A compliance with:
  • Information assurance policies standards and guidelines
  • Security risk assessments
  • Continuous monitoring
  • Continuity planning
  • Develop/maintain security documentation per NGA/IC/DoD/Industry standards and policies
  • Coordinate all A&A initiation and renewal activities working with the NGA Designated Authorization Official (DAO or DAOR)
  • Perform decommission activities as required for assets and Security Plans.
  • Address any Information Assurance or Cybersecurity notices, orders, taskings, or directives as required following the NGA operations vulnerability and patch management process. 
  • Attend and participate in weekly vulnerability and risk management meetings
  • Ensure that all services, operational systems, devices and applications are compliant and sustain compliance with the most current Defense Information System Agency (DISA) security technical implementation guides (STIGs), Security Requirement Guides (SRGs), Information Assurance Vulnerability Management (IAVM) requirements, USCYBERCOM Operational Orders (OP ORDs) and approved security updates. 
  • Perform security audits and assessments – create of Plan of Action and Milestones (POAMs)
  • Coordinate with System Administrators and others for the remediation of all vulnerabilities and report results. For any open vulnerability, document, obtain approval and status POAMs
  • Update Security CONOPS and Information Technology Disaster Recovery (ITDR) plans for each Security Plan.
  • Participate in the development, implementation, and testing of disaster recovery methods and procedures for the ITDR Plan
  • In coordination with NGA Government personnel, ensure the appropriate Security CONOPS, ITDR Plan, all Gold Data for FISMA, CCRI, FISCAM, OMB 53/300, and TAM (PS-AM & CMDB) are current, executable and consistent for each SPID
  • Conduct technical and administrative STIG/SRG reviews for all CCRI technology areas each quarter
  • Assist in the preparation and deliver of monthly and quarterly Assessment and Compliance Status Reports
  • Provide ad-hoc reporting to assist the Government in assessing readiness of all applicable UFS systems, applications, and devices in response to short notice/no-notice DISA, CCRI, Computer Network Defense – Service Provider (CND-SP), or other directed inspections/audits
  • Support remediation of findings from routine NGA vulnerability scanning, A&A assessments, or inspections with NGA service providers to support USCYBERCOM 21-day remediation requirements. 
  • Support rapid patching deployment process and reporting for USCYBERCOM or vendor patches addressing zero-day exploit activities to support a 7-day remediation timeline as directed by the CSOC. 
  • Establish plans, procedures and technical measures for UFS design and infrastructure to provide Continuity of Operations Planning (COOP) and off-site backup capabilities in accordance with NGA Directive (NGAD) 3020. 
  • Ensure the UFS design and infrastructure meets all COOP and off-site backup requirements in accordance with NGAD 3020
  • Coordinate and participate with NGA Operation Center and other identified service providers or contracts for any exercises or executions involving UFS.

Education & Experience:

  • Requires Bachelors Degree and 4 – 8 years of prior relevant experience in order to operate within the scope contemplated by the level.
  • Experience in lieu of degree.
  • DoD 8570 certification required; minimum certification is Security+ CE. 
  • Understanding of risk management framework for ICD-503 is desired. 
  • Experience desired with the following systems/platforms/tools: XACTA; XACTA 360 (preferred); HBSS; ACAS; Nessus.
  • NGA experience desired.

External Referral Bonus:

Eligible

Potential for Telework:

No

Clearance Level Required:

Top Secret/SCI

Travel:

No

Scheduled Weekly Hours:

40

Shift:

Day

Requisition Category:

Professional

Job Family:

Information Assurance

About Leidos

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

This job posting is no longer active.

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community