Information Security Professionals - ISSO ISSE

Description

Looking for an opportunity to make an impact?

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customer's success.

We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community.

Our Mission, Vision, and Values guide the way we do business. With Leidos, you will enjoy competitive benefits such as four weeks of Paid Time Off, Flexible Schedules, Discounted Stock Purchase Plans, Unlimited Education and Training Support, Parental Paid Leave, and more!

If this sounds like an environment where you can thrive, keep reading!

The Leidos National Security Sector has numerous career opportunities for Information Systems Security Officers (ISSO) and Information Systems Security Engineers (ISSE) on our Leidos-led Prime Programs supporting the Ft.

Meade, MD customer. Our work locations range from North and South Laurel, Columbia, Annapolis Junction, Linthicum and Ft. Meade, MD.

Possible ISSO Job Duties :

• Provides aid to the program, organization, system, or enclave's information assurance program.
• Lends assistance for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
• Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
• Assists with the management of security aspects of the information system and performs day-to-day security operations of the system.
• Evaluates security solutions to ensure they meet security requirements for processing classified information.
• Performs vulnerability / risk assessment analysis to support certification and accreditation.
• Provides configuration management (CM) for information system security software, hardware, and firmware.
• Manages changes to system and assesses the security impact of those changes.
• Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
• Assists security authorization activities in compliance with Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF).

Possible ISSE Job Duties (in addition to ISSO duties above)

• Perform and / or review technical security assessments of computing environments to identify points of vulnerability, non- compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies.
• Validate and verify system security requirements definitions and analysis and establishes system security designs.
• Design, develop, implement and / or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection / classification requirements.
• Build IA into systems deployed to operational environments.
• Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions.
• Enforce the design and implementation of trusted relations among external systems and architectures.
• Assess and mitigate system security threats / risks throughout the program life cycle.
• Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
• Apply system security engineering expertise in one or more of the following : system security design process; engineering life cycle;
• information domain; cross domain solutions; commercial off-the-shelf and government off- the-shelf cryptography; identification;
• authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling;

configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing.

Support security authorization activities in compliance with customer Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF), the NIST Risk Management Framework (RMF) process, and prescribed customer business processes for security engineering.

Minimum Requirements

Active TS / SCI with polygraph security clearance

Bachelors Degree, candidates with out higher level education will be considered if they have extensive relevant ISSO or ISSE experience

DoD 8570 Certification compliance related to level of position. This could include one or more of the following IAT II, IAM I, II or III or IASAE I, II or III :

• Security+ CE
• CISSP
• CASP+ CE
• ISSEP

Five (5) or more years of experience as an ISSO or ISSE

Five (5) or more years of experience with MD customer security suite

CONMD

Original Posting Date :

2024-04-29

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range :

Pay Range $122,200.00 - $220,900.00

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.