- Supporting real time threat awareness to include identification, reporting, mitigation, and documentation of the threat, risk to the network, and mitigation plan
- Supporting continuous monitoring efforts and processes to maintain an acceptable risk posture, as required
- Conducting security control assessments with information system security stakeholders, collecting and reviewing artifacts and evidence for compliance with security controls, and documenting and updating security assessment results
- Ensuring the quality assurance of all security processes and documentation
- Ensuring non-compliance with security controls is remediated through the use of the Plan of Action & Milestones (POA&M) process
- Reviewing evidence of remediation of findings, providing guidance and expertise where necessary. Recommending closure of POA&Ms when appropriate
- Submitting updates for existing system security plans based on POA&M closure or documented deviations from the implementation of security controls
- Interpreting policies, procedures, standards, guidelines, and regulations to include National Institute of Standards and Technology (NIST) and Federal Information Security Management Act
- Other duties as assigned
- Bachelor’s degree and 2 years of experience in information systems and IT security. An additional 6 years of experience will be considered in lieu of degree.
- Currently possess or be able to obtain a public trust clearance.
- Experience identifying when threats to the network should be communicated to management, and the ability to formally document and communicate the threat in a report.
- Be capable of interpreting task requirements, selecting appropriate methodologies, and carrying the task through to completion.
- Ability to conduct research into security issues and products as required.
- Strong interpersonal, organizational and communication skills.
- Excellent attention to detail
- Ability to work in a team-oriented and collaborative environment
- Strong Microsoft Office 2010 skills, including Word, Excel, Visio, and PowerPoint
- At least one year of experience performing NIST-based Security Assessment and Authorization (formerly called Certification and Accreditation) activities in direct support of Federal information systems.
- Experience with real time threat awareness/continuous monitoring that includes: operational experience, firewall management, security information and event management (SIEM), and the ability to identify threats to the network.
- Relevant professional certifications from recognized industry consortiums including ISC2, ISACA, CompTIA, and GIAC, specifically Security+, CAP, CISSP, or equivalent
- Experience with Tenable Security Center
Leidos is a global science and technology solutions leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin’s Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. The company’s diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos is an Equal Opportunity Employer.