Information Assurance Engineer
Posted on 11/2/2022
Odenton, MD, USA
- Requires BS degree and 8+ years of prior relevant experience
- Active DoD Secret Security Clearance and ability to obtain a DoD Top Secret clearance
- Hold and active security certification that meets DOD 8570 IAT level II or higher, such as Security+
- The qualified candidate shall have excellent customer service skills and the ability to work independently, prioritize, schedule, and complete multiple tasks
- Ability to multi-task and self-assign work in a fast-paced environment
- Strong communication skills that enable proactive and effective collaboration with a virtual team, including the ability to clearly articulate status and present to both customers and program leadership. Candidate shall have the ability to develop and present management level briefings
- Demonstrate potential and willingness to learn and adapt to rapid changes in technology
- Perform ISSO responsibilities, including acting as a point of contact and subject matter expert for all cybersecurity related aspects to the assigned information systems, ensuring systems are maintained per security policies and procedures and maintaining compliance and ongoing reporting to management
- Conduct regular briefings with the customer on cybersecurity status, including preparing briefing materials
- Work closely with government Information Assurance team to support Authorization to Operate (ATO) accreditation conditions and requirements. Coordinate and support site visits / audits, including System Readiness Reviews (SRR) and Site Assistance Visits (SAV)
- Author, review, coordinate and submit required artifacts to eMASS (including change requests) to achieve milestones such as Interim Authority to Test (IATT) and ATO in accordance with the project schedule
- Submit and gain approval of Ports, Protocols and Services Management (PPSM) updates, including CLSA and exception form submissions
- Develop and update assessment and authorization documentation (Body of Evidence) for management and continuous monitoring of information systems
- Procedures (TTP), Plan of Action and Milestones (POA&M) and Federal Information Security Management
- Perform information system Assessment and Authorization planning, testing, assessing and liaison activities, including security scans, scan results analysis and audit trail log reviews. Document scan results and findings according to NIST Risk Management Framework (RMF) processes. Conduct regular privileged user management reviews. Evaluate software and hardware during pre-acquisition phases to determine its ability to meet minimum security requirements based on NIST SP 800-53 security controls
- Assist with the implementation of security procedures, and verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code and other components
- Conduct ongoing security reviews and tests of systems to verify security features and controls are functional and effective. Take corrective action to resolve identified vulnerabilities
- Vulnerability assessment and analysis experience utilizing ACAS/NESSUS and DISA STIGs
- Experience with DoD implementation of the Risk Management Framework (RMF) and governing directives (NIST, CNSS, DSS, etc.)
- NIST RMF Assessment and Authorization (A&A) experience
- Experience with operating IT security tools, such as ACAS, HBSS, DISA STIGs
- Cloud/AWS accreditation experience
- Prior experience working Cybersecurity in accordance with US Government (USG), Department of Defense (DOD)
Scientific & engineering systems integration service
Leidos’s mission is to make the world safer, healthier, and more efficient through technology, engineering, and science. The company is a leader in systems integration and technical solutions while working closely with all branches of the U.S. military, the U.S. Department of Defense, other U.S. government civil agencies, and also customers in select markets across the globe.
- Medical, dental, & vision insurance
- Health Savings account
- Income protection
- Paid parental leave
- Jury duty pay
- Bereavement leave
- 401(k) Retirement Plan
- Employee Stock Purchase Plan
- Family Benefits
Company Core Values
- Integrity: Is having the courage to make tough ethical decisions, taking pride in our work, being transparent with our team, and being respectful of everyone.
- Inclusion: Is fostering a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone.
- Innovation: Is not limited to our engineers and scientists. It is acting as a catalyst. Being tenacious and curious to help us excel and be a part of a learning organization.
- Agility: Is being flexible, creative, and resilient. It is our ability to think and act small while using the size and strength of our balance sheet to our advantage.
- Collaboration: Is being team-oriented and proactively engaging to meet shared objectives. It is about building relationships and staying connected with each other.
- Commitment: Is being accountable, taking ownership, modeling servant leadership, and operating with a sense of urgency to our customers and teams.