Description
The Leidos Homeland Security Services Intelligence Division of Leidos has a prime opening for an ISSO to support the Customs and Border Patrol. This candidate will manage overall security related policies, procedures, laws and regulations; create, document and implement various security plans and compliance documents to enforce Information Assurance principles.
Primary Responsibilities:
Develop, maintain and manage Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), POA&Ms, and other relevant security documentation for existing and new systems.
Conduct both technical and non-technical internal audits and testing to validate system and operational requirements compliance.
Use workflows to develop security artifacts.
Document, organize and implement security control requirements
Identify current and new risks.
Prepare vulnerability test plans and coordinate the testing and result procedures.
Assess customer based solutions and provide recommendations for any improvements to current security posture.
Ability to review and write security related policies and procedures.
Basic Qualifications
Bachelor Degree in Computer Science, IT, Information/Cyber Security field from an accredited college or university.
Additional years of experience and certifications may be considered in lieu of a degree.
2-4 years of experience working as an ISSO or other IT related field.
Must have an interim Secret Clearance. In addition to the specific clearance requirement, all personnel supporting CBP must have a current background investigation (BI) or obtain a favorable BI before joining the program.
Minimum of 1-2 years of experience as an ISSO supporting major federal information systems/applications.
Knowledge with auditing security controls and financial processes
Superior writing, communication and critical analysis skills.
Deep understanding of Information Assurance, Information Technology and Information Management concepts, processes and procedures.
Additional Qualifications:
NIST SP 800-37 Risk Management Framework security assessment and authorization (A&A) processes.
NIST 800-53 security controls and required documentation.
Security controls (i.e. NIST SP 800-53, FISCAM, etc.) assessments in support of FISMA, A-123 and annual self-assessment initiatives.
Federal Risk and Authorization Management Program (FedRAMP) for authorization of cloud services.
Enterprise Logging System to conduct regular reviews of audit logs (operating system, application, database, etc.) for security anomalies and compliance with applicable policies and procedures.
POA&M Management and Risk Management Framework (RMF).
Reviewing operating system, application, and database security baseline configuration documentation to ensure compliance with agency hardening guidelines.
Reviewing proposed change requests related to system design / configuration and performing a security impact analysis to provide approval or denial recommendations.
Reviewing vulnerability scan results.
Preferred Qualifications:
This position is currently remote, with 1 day a week onsite in Ashburn, VA
Original Posting Date:
2024-12-12
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range -
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
#Remote