Description

Leidos has an immediate opportunity for anInformation Assurance Security Officer/Information System Security OfficerinChantilly, VA. This position requires a candidate with anactive Top Secret clearance and the willingness and ability to successfully obtain an SCI and polygraph, if required.

The Information Assurance Security Officer (IASO) provides direct and indirect security engineering support to the execution of the customer's Information Assurance (IA) Certification and Accreditation (C&A)/Assessment and Authorization (A&A) mission.

The IASE will be responsible for:

• Manage, monitor, and report on installation, configuration, testing, and administration of systems and capabilities to support the automated scanning, monitoring in support of C&A/A& and ICD-503, NIST 800-53 security controls mappings, reporting of FISMA and reporting of Information Assurance Vulnerability Alerts (IAVA)/Intelligence Community Vulnerability Alerts (ICVA).

• Manage, monitor, and report on integrating and testing features and functions within the A&A Management solution. This includes, but may not be limited to, DoD 8500.2, and NIST 800-53 Security Controls mappings; implementing updates business processes, workflow, and templates; and direct support to the government customer

• Manage, monitor, and report on performing security assessments; design reviews; and providing guidance on new technologies for the program. New technologies may include, but are not limited to, Cloud technologies, Hardware, Operating System, Web technologies; and Databases

• Handle information system Assessment and Authorizations (A&A) as well as Continuous Monitoring (ConMon) tasks.

• Prepare and maintain information systems Accreditation and Authorization (A&A) packages (BoE - Test Plan, SSP)

• Collaborate with cross-functional team to implement security controls and measures and provide technical guidance to team members on security-related issues.

• Conduct Configuration Management (CM) tasks to ensure all associated hardware, software, and security relevant functions are maintained and documented.

• Review system vulnerability scans, verify implementation of DISA STIG's, and report any outstanding security relevant risks to the program for mitigation.

Basic Requirements:

• B.S. in Computer Science, IT or applicable engineering or science field

• Twelve years of prior relevant of related experience

• Active TS/SCI w polygraph is required.

• Experience with the Risk Management Framework (RMF) and ICD 503 Security Accreditation processes.

• Experience in development of technical documentation to include artifacts required to support Assessment & Authorization (A&A) under the Risk Management Framework

• Candidate must demonstrate experience interpreting and applying government security regulations such as NIST, ICD and FISMA.

• Show knowledge of risk management, and information system security principles.

• Experience with security configurations across multiple operating systems in various environments, to include Windows, Linux, utilizing Active Directory/Group Policy.

• Candidate must be highly organized and self-motivated with excellent documentation skills and the ability to work with minimal supervision. Candidate should be able to communicate effectively with customers and team members at all levels.

• Ability to work independently within a schedule and with little direction.

Preferred Qualifications:

• Experienced with various security tools and processes such as Tenable SC, Nessus, Fortify, Xacta, Trellix, Elastic (Kibana)

• Experience with Cloud Computing Technologies/Amazon Web Services (AWS)

• STIG compliance and POA&M and vulnerability management

• Knowledge of the complex environment involving shared IC networks and multiple security enclaves

• Knowledge of CMDB and Service

"External Referral Eligible"

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.