Cybersecurity Compliance Analyst

Leidos

22h•Remote

About The Position

LEIDOS has an excellent opportunity for an experienced Cybersecurity Compliance Analyst. This position is in support of a Department of Defense (DoD) organization, US EUCOM located OCONUS in Stuttgart, Germany. This position is temporary lasting 4+ months and can be done remotely. More About the Role: We're looking for a motivated candidate to present products and ideas in a business-like manner. The candidate will be required to work in a dynamic fast paced environment that requires team interaction and coordination of efforts. The candidate must be experienced in interfacing with both client managers and system users. Conducts cybersecurity program/system security status assessments and supports the development of Cybersecurity program(s) including the development of policies and procedures in accordance with DoDI 8500.01 Risk Management Framework. Tracks organizational cybersecurity compliance, ensures necessary remediation needs are communicated, tracks remediation through completion and ensures necessary cybersecurity documentation is accurate and in order. Responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by information systems to determine the overall effectiveness of the controls. Prepares for, assists with, and monitors cyber assessments (staff assistance visits [SAV], Command Cyber Operations Readiness Inspections [CCORI], NSA Red and Blue Team assessments, vulnerability scans, assessment and authorization [A&A] reviews). Develops technical standards (SOP\TTPs, technical implementation instructions, or other required documentation) for security focused processes, security operations and other operations as required for Government approval. Works closely with defensive cybersecurity operation (DCO) teams to identify, monitor and respond to cyber events\incidents from discovery to closure as a part of the local incident response policies. Interacts with customers, IT staff, and high-level military officials to assist in defining and achieving required cybersecurity objectives for the organization. Conduct Risk Assessments, determine the risk to operations, and provide risk recommendations to the customer after reviewing a system’s overall risk posture as part of the Security Authorization (Authority to Operate\Connect) process. Through basic understanding of network security fundamentals, LAN\WAN switching technologies, routing technologies, infrastructure security technologies and services, reviews network architecture diagrams for cybersecurity compliance. Responsible for assessing and authorizing the use of software and hardware across multiple enterprise networks. Must have experience implementing with the following policies: DODI 8510.01 Risk Management Framework (RMF) for DoD Information Technology CJCSI 6510.01F Assurance (IA) and Computer Network Defense (CND) CNSSI 1253 Security Categorization and Control Selection for National Security Systems CJCSM 6510.01B Cyber Incident Handling Program DODD 8140.01 Cyberspace Workforce Management CJCSI 6211.02D Defense Information Systems Network (DISN): Policy and Responsibilities JFHQ-DODIN TASKORDS, OPORDS, WARNORDS and GENADMINS

Requirements

At least 3 years of supervisory and technical management experience in Cybersecurity
Currently hold an adjudicated Secret Clearance and qualify for a TS/SCI clearance
BA/BS + 8 years recent specialized or AA/AS +10 years recent specialized or a major cert + 12 years recent specialized or 14 years of recent specialized experience
DoD 8570 IAM III and IAT II Baseline Certification
Knowledge of DoD IT RMF, USCYBERCOM, and JFHQ-DoDIN
Advanced Proficiency in Microsoft Office Suite products (Word, Excel, PowerPoint)

Nice To Haves

Microsoft Azure Certification (Server Administration)
Cisco Certified Network / CyberOps Associate
RedHat Certification Associate
Proficiency with Microsoft SCCM and/or other automatic reporting tools
Proficiency with PowerBI
Experience with ElasticSearch and Splunk
Adaptable to changing circumstances and operational needs
Understanding of Department of Defense Military standards
Experience with DoD IT security requirements
Experience managing asset accuracy to Critical Success Factors (CSF)
DoD 8570.01 Certification Compliance (CISSP, ISSEP, CISM)
CITS3

Responsibilities

Conducts cybersecurity program/system security status assessments and supports the development of Cybersecurity program(s) including the development of policies and procedures in accordance with DoDI 8500.01 Risk Management Framework.
Tracks organizational cybersecurity compliance, ensures necessary remediation needs are communicated, tracks remediation through completion and ensures necessary cybersecurity documentation is accurate and in order.
Responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by information systems to determine the overall effectiveness of the controls.
Prepares for, assists with, and monitors cyber assessments (staff assistance visits [SAV], Command Cyber Operations Readiness Inspections [CCORI], NSA Red and Blue Team assessments, vulnerability scans, assessment and authorization [A&A] reviews).
Develops technical standards (SOP\TTPs, technical implementation instructions, or other required documentation) for security focused processes, security operations and other operations as required for Government approval.
Works closely with defensive cybersecurity operation (DCO) teams to identify, monitor and respond to cyber events\incidents from discovery to closure as a part of the local incident response policies.
Interacts with customers, IT staff, and high-level military officials to assist in defining and achieving required cybersecurity objectives for the organization.
Conduct Risk Assessments, determine the risk to operations, and provide risk recommendations to the customer after reviewing a system’s overall risk posture as part of the Security Authorization (Authority to Operate\Connect) process.
Through basic understanding of network security fundamentals, LAN\WAN switching technologies, routing technologies, infrastructure security technologies and services, reviews network architecture diagrams for cybersecurity compliance.
Responsible for assessing and authorizing the use of software and hardware across multiple enterprise networks.
Must have experience implementing with the following policies: DODI 8510.01 Risk Management Framework (RMF) for DoD Information Technology CJCSI 6510.01F Assurance (IA) and Computer Network Defense (CND) CNSSI 1253 Security Categorization and Control Selection for National Security Systems CJCSM 6510.01B Cyber Incident Handling Program DODD 8140.01 Cyberspace Workforce Management CJCSI 6211.02D Defense Information Systems Network (DISN): Policy and Responsibilities JFHQ-DODIN TASKORDS, OPORDS, WARNORDS and GENADMINS

Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers.
Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement.
More details are available here.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume