Leidos has an exciting opportunity for a Cybersecurity Information System Security officer (ISSO) located in Beavercreek, Ohio. As part of the Leidos Beavercreek Security Team you will collaborate with Information System Security Manager (ISSM) and System Owners to help ensure IT systems remain compliant to government regulations, frameworks, and standards pertaining to SP NIST 800-53A. Qualified candidates will have knowledge, experience and demonstrated ability to perform tasks related to assessing, securing, and monitoring IT systems. Candidates will have the ability to work independently and apply the proper procedures and process related to their area of expertise. The ISSO will assist the ISSM in the development of Risk Management Framework (RMF) security package documentation such as System Security Plans (SSP), standard operating procedures, security control assessments, self-inspections and any relevant Plans of Action and Milestones (POAMs). 

• Perform ISSO duties of establishing and administering appropriate security systems, policies, standards, and procedures in compliance with applicable government and corporate directives, guidelines, and customer contractual requirements
• Perform security audits in accordance with corporate and government compliance policies NIST 800-53A.
• Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs of Windows and Linux systems
• Promote awareness of security issues and communicate deficiencies to ISSMs and ISOs.
• Recommend and implement programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures
• Assess security events to determine impact and implementing corrective actions
• Ensure the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.

Basic Qualifications

• Strong understanding of information security and cybersecurity policies, principles, and practices in the delivery of all IT services.
• Experience in writing RMF package documentation. 
• Bachelor of Science in Technical field and at least 8-12 years of relevant work experience.; Additional years’ of experience and/or certifications may be considered in lieu of a degree.
• Active DoD SECRET clearance. (U.S. Citizenship required)
• Possess a security+ 8570 certification.
• Well versed in the understanding and implementation of security controls within the NIST SP 800-53A.
• Experienced with policies and procedures to ensure information systems confidentiality, integrity, and accessibility.
• User level experience in traversing Linux directories and executing scripts.   
• Experience in risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs.
• Experience in documenting system deficiencies and recommending solutions for remediation.  
• Familiar with automated vulnerability scans using Tenable Nessus, SCAP, or other similar applications.
• Have participated in systems security evaluations, audits, and reviews.
• Be able to learn new technologies and skills that are essential to ISSO roles and responsibilities.

Preferred Qualifications

• Experienced with Splunk, Tenable Nessus, SCAP applications and tools
• Experienced in basic Linux and Windows administration

Original Posting Date:

2024-10-10

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $101,400.00 - $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.