Are you interested in being part of a world class team that is supporting one of the world’s largest integrated transportation, logistics and supply chain systems? Interested in a position that will encourage and promote future growth opportunity? If this excites you, Leidos has just the role for you!
Leidos has been asked to provide key talent in support of an Information Assurance Engineer on the IGC III program. As IA Engineer, you’ll be working with IGC which is USTRANSCOM’s System of Record for In-Transit Visibility (ITV) and Asset Visibility (AV). Customers that you will be supporting and sustaining include the Combatant Commands, Services, DOD, and other federal agencies.
Location: Work will be primarily performed remote, with on-site support at Scott AFB, IL as required.
What will you do as Information Assurance Engineer?
- Maintain compliance of the IGC program utilizing Risk Management Framework (RMF) in accordance with National Institute of Standards and Technology Special Publication 800-37 (NIST SP 800-37)
- Access the Information Assurance Support Environment (IASE) Security Technical Implementation Guide) STIG repository to download, benchmarks, STIGs and tools
- Utilize the STIG Viewer to create checklists, analyze vulnerabilities, determine findings and prepare remediation and mitigation strategies for RMF Continuous Monitoring requirements
- Review weekly USCYBERCOM Information Assurance Vulnerability Alerts and Bulletins (IAVAs and IAVBs) for applicable vulnerabilities
- Submit weekly Information Assurance Vulnerability Management (IAVM) reports and prepare IAVM and non-IAVM patch packages for manual patch application by system administrators
- Analyze Assured Compliance Assessment Solution (ACAS) scans using the Enterprise Security Posture System (ESPS) and report IAVM and non-IAVM vulnerabilities to system administrators to ensure systems are patched prior to remediation due dates
- Maintain quarterly RMF STIG Plan of Action and Mitigation (POA&M) and weekly IAVA POA&M
- Install Microfocus Fortify Scan Engine/Rulepack updates to Clearcase.
- Scan/Analyze IGC code utilizing Microfocus Fortify and collaborate with customer/developers to mitigate/remediate security findings
- Prepare and deliver IGC releases for Government security approval
- Prepare and update RMF documentation as part of Continuous Monitoring
- Develop metrics for measuring and improving the effectiveness of the IGC security plan
- Manage secure systems and security containers in a classified environment
- Communicate directly with military, other contractors, and U.S. Government personnel; therefore, requires excellent oral and written communication skills
- Prepare and lead weekly Information Assurance meeting
- Collaborate with developers and engineers to advise on secure system configurations
- Provide Vulnerability Assessments with recommended mitigation/remediation steps
- Additional duties may include supporting Technical Writing, Systems Analyst/Administration, Tier2 Help Desk, Test Engineering, Development
- Tailor Leidos Engineering procedures to meet program requirements and standards.
- Support proposal efforts and other tasks, as required.
The minimum qualifications required to be considered for this role are as follows:
• Must hold an active DoD Secret Clearance
• B.S. in Cyber Security, Computer Science, Information Technology, or related field and 4 – 8 years of prior relevant experience or Masters with 2 - 6 years of prior relevant experience or 12+ years’ of experience in lieu of degree
• Must hold current DoD-8570 IASE Level 2 baseline certification (CISSP, CISSP-Associate, CSSLP, or CASP+ CE)
• Experience with Risk Management Framework (RMF)
• Demonstrated hands-on experience with vulnerability scanning solutions
• Demonstrated hands-on experience with the DOD Information Assurance Vulnerability Management program
• Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, defense-in-depth and common security elements
• Experience with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security
• Knowledge of Department of Defense (DoD) 8500 series instructions, Federal Information Security Management Act (FISMA), Federal Information Processing Standards (FIPS) guidelines and (NIST) 800 series to ensure compliance of deployed and local infrastructure assets
The preferred qualifications that would make you stand our (but are not required) include:
Knowledgeable and/or Experience with the following:
• Experience with Security Tools
• Understanding of Sharepoint
• Understanding of VMware technology
• Understanding of Systems and Test Engineering Processes
• Experience with malware analysis concepts and methods
• Understanding of Department of Defense Military standards
Effective October 1, in order to enter Leidos facilities in the US and to attend Leidos business events outside our facilities, employees will be required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. Effective January 18, 2022, all Leidos employees must be fully vaccinated (2 weeks past final dose) unless they are entitled to a legal accommodation. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.