The Defense Group at Leidos has an exciting opportunity as an Audits, Inspections, and Assessments Lead on our GSMO II IDIQ contract’s Joint Service Provider (JSP) Cyber Security Task Order in Alexandria, VA. JSP provides a full range of IT products, services, and solutions and customer services to the Office of the Secretary of Defense (OSD), Chairman of the Joint Chiefs of Staff (CJCS) and the Joint Staff (JS), Director of Administration (DA), Pentagon Force Protection Agency (PFPA), Washington Headquarters Services (WHS), and other OSD offices for them to meet mission and business requirements. Through the JSP Cyber Security program, JSP performs a wide variety of services and functions required to secure the information security posture for DoD services.
This Task Order has 100+ FTEs working to ensure JSP’s Cyber Security program adheres to JSP, DoD, and National Institute of Standards and Technology (NIST) approved cyber society, information assurance (IA) architecture, policies, programs, standards, and guidelines. The Audits, Inspections, and Assessments Lead is responsible leading and conducting cyber security-related audits, inspections and assessments, including conducting SRRs, managing projects, serving as a trusted agent, conducting site/staff assistance visits, vulnerability assessments, compliance assessments, and ensuring compliance with CSSP and CCRI evaluation criteria.
The Audits, Inspections, and Assessments lead shall plan, coordinate, schedule, resource, track, document, execute, and improve assessments and inspections performed by external organizations upon the JSP enterprise, as well as self-audits, self-inspections/assessments and Subscriber audits/inspections performed by JSP. Other expected duties are:
• The Audits, Inspections, and Assessments lead shall plan, coordinate, schedule, resource, track, document, execute, and improve assessments and inspections performed by external organizations upon the JSP enterprise, as well as self-audits, self-inspections/assessments and Subscriber audits/inspections performed by JSP.
• The Lead will develop and implement strategies, processes, and procedures to ensure “continuous inspection readiness” for by executing Site Assistance Visits (SAVs) in preparation for CSSP, CCRI, Command Cyber Operational Readiness Inspection (CCORI), North Atlantic Treaty Organization (NATO), Balanced Survivability Assessment (BSA), and similar inspections and audits and assessments Vulnerability Assessment Team, Continuous Monitoring (CONMON), Vulnerability Management Program (VMP).
• The Lead will develop and implement procedures to track and report completion/closure of inspection findings documented in POA&Ms and other action item reports.
• The Lead will validate remediation of the findings or submit the artifacts/or POA&Ms to inspecting organization for approval.
• The Lead will coordinate, de-conflict, communicate, and facilitate between JSP and external organizations to prevent potential interruptions to JSP networks, systems, and services.
• Will ensure completion of appropriate actions and activities and preparation of required artifacts to ensure maximum preparation and readiness for CCRI, CCORI, and CSSP, including updated versions of the evaluation criteria.
• Will coordinate cross functionally internal to the organization as well as with higher headquarters commands and supported customers to ensure enterprise-wide readiness.
• Will recommend areas for improvement and review the output from inspections in support of preparing other components with upcoming inspections.
• Will lead a team doing Audits, Inspections, and Assessments.
This role will be based onsite in Alexandria, VA and an active Top Secret (With SCI eligibility) security clearance is required prior to start. Some remote work will be allowed.
Bachelor’s degree in IT-related field and 12+ years IT program/project management experience leading audits and inspections.
5+ years IT program management experience leading audits and inspections in DoD environment
Demonstrates successful track record for delivering large/complex projects on time and within budget within DoD Organizations
Demonstrates expert level experience with the planning, coordinating, scheduling, resourcing, tracking, documenting, executing and analyzing audits and inspections within an organization.
Demonstrates experience with applying compliance standards to large and complex IT environments.
Demonstrates ability to evaluate the design and effectiveness of controls and standards to ensure compliancy in accordance with the applicable audits and inspections for an organization.
Demonstrates expert level understanding of vulnerabilities/weaknesses across complex IT environments and ability to understand applicability of security standards across technologies.
Demonstrates experience with communicating and coordinating at a functional and senior government.
Demonstrates experience with data analysis and developing work products to enable government risk based decisions.
Demonstrated experience with the development and execution of knowledge management best practices and the automation of knowledge management frameworks in order to enhance processes and procedures related to the management of a project.
Demonstrates experience with the development and coordination of guidance and work products related to issues tracking management, plan of actions and milestones, and ensuring transparency of vulnerabilities within an organization.
DoD 8570 IAT Level III certification is required prior to start.
Top Secret (SCI eligibility) security clearance is required prior to start.
External Referral Eligible
In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.