The selected candidate will join the CATALYST Team as the Information Systems Security Engineer (ISSE), providing systems engineering support for cloud-based projects. The role of the ISSE is to bridge the gap between high-level security policies/requirements and technical/operational implementation of those requirements. The ISSE will work directly with Sponsor Information Security personnel to ensure their requirements are understood. The ISSE will then provide hands-on guidance to Scrum Masters and their development teams to ensure the requirements are fulfilled. This position requires a person that can perform within a team but can also work independently with minimal guidance as situations arise.
Our team uses a wide variety of commercial Amazon Web Services (AWS) to deliver critical Mission functions to Production using agile development principles. CATALYST provides services to build prototypes of new AWS cloud-based technical capabilities, and bring those capabilities through the full software development lifecycle including agile development, system test, and transition to operations (SecDevOps). This includes all services required to support application development, systems engineering, cloud services, COTS integration, and ongoing operations and maintenance.
• Oversee projects submitted for system security accreditation, from pre-submittal to final customer approval.
• Conduct assessments of existing IT architecture for compliance with security requirements from applicable security frameworks and Sponsor requirements.
• Produce high-quality documentation to support the System Security Accreditation process, such as bodies of evidence (BOEs), systems concept of operations, and system security plans (SSPs).
• Serve as subject matter expert (SME) to Development teams as they address Plan of Actions and Milestones (POA&M) resulting from security scans.
• Bachelor's degree and 12 years of relevant experience. Work experience can be used in lieu of, or combined with, a degree.
• Currently holds an active clearance with the US Government sponsor (TS/SCI with Poly)
• 5 years of experience leading efforts to achieve system accreditation through the Sponsor’s process. This should include creation of bodies of evidence (BOEs) and related documentation required to obtain authorization to operate (ATO).
• Understanding of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)
• Understanding of information security principles and risk assessment techniques
• Strong analytical skills and attention to detail.
• Able to interview engineers on technical subject matter as well as brief executive-level stakeholders.
• Able to work as part of a small team and communicate technical details in a manner that lets non-technical customer staff understand concepts and objectives.
• Knowledge of lifecycle process for software development, web applications, and system implementation
• Experience in ISSO/ISSM responsibilities or working closely with ISSO/ISSM personnel.
• Experience in AWS, security engineering, encryption, and networking.
• Experience using security scanning applications similar to Tenable Security Center (NESSUS), WebInspect or AppDetectivePro.
• Experience with continuous monitoring, especially in the context of the Risk Management Framework (RMF) or SecDevOps
• Experience with system monitoring services (e.g., AWS CloudWatch, Splunk)
• Experience working within the Open Source Enterprise (OSE)
External Referral Bonus: Eligible
Potential for Telework: No
Clearance Level Required: Top Secret/SCI with Polygraph
Scheduled Weekly Hours: 40
Job Family: Information Assurance
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.