Information System Security Engineer

Leidos•Orlando, FL

10h•Onsite

About The Position

Are you ready to join Leidos all-star team? Through training, teamwork, and exposure to challenging technical work, let Leidos show how to accelerate your career path. The Decision Advantage Business Area at Leidos has an opening for an experienced Information System Security Engineer (ISSE) to work in our Orlando, FL office. Department of the Air Force (DAF) Battle Network and supporting infrastructure. In this mission we support the Department of the Air Force (DAF) to field and operate the customer's Digital Infrastructure. The ISSE will be involved in day-to-day activities and strategic long-term maturation of complex systems. Details are as follows: Primary Responsibilities The ISSE will be responsible for monitoring TEMPEST certifications and the development of an RMF Assess and Authorize (A&A) package, including detailing controls, a system scanning plan, POA&M maintenance, and a Body of Evidence validating control implementation. High Level tasking for this team will include the following: Plan and detail the security of a complex mission-critical defense network per the DoD RMF. Plan, document, and achieve system Interim Authorization to Test (IATT), Interim Authorization to Operate (IATO), Authorization to Operate (ATO), Authorization to Connect (ATC), Interconnection Security Agreement (ISA) and other approvals as required by the Government Authorizing Official. Perform and/or review security assessments of computing environments to identify points of vulnerability, non- compliance with established Cybersecurity standards and regulations and recommend mitigation strategies. Validate and verify system security requirements definitions and analysis. Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of security policy and solutions. Assess and develop mitigations for Security Compartmented Information (SCI) system security threats/risks throughout the program life cycle. Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for SCI systems and Classified networking operations.

Requirements

Bachelors Degree and 8 to 12 years of relative experience.
Active and current Secret clearance with the ability to obtain a and maintain TS/SCI clearance.
Achievement of any DoD 8140 or DoD 8570 baseline certification within 6 months of start of work.
Experience with Air Force Intelligence Community NIST Risk Management Framework .
Experience with Intelligence Communitive Directive 503.
Experience with Cross-domain or segmented architectures.
Experience with NIST SP 800-53 control development and documentation.
Experience operating within Sensitive Compartmented Information Facility (SCIF) and Classified networks.

Nice To Haves

Experience working with DoD security Assessment and Authorization.
Experience with eMASS, Jira, and Confluence.
Experience developing and maintaining authorization Body of Evidence.
Experience with Tenable Nessus, Security Onion SIEM solution.
Understanding of TEMPEST requirements and assessments

Responsibilities

Plan and detail the security of a complex mission-critical defense network per the DoD RMF.
Plan, document, and achieve system Interim Authorization to Test (IATT), Interim Authorization to Operate (IATO), Authorization to Operate (ATO), Authorization to Connect (ATC), Interconnection Security Agreement (ISA) and other approvals as required by the Government Authorizing Official.
Perform and/or review security assessments of computing environments to identify points of vulnerability, non- compliance with established Cybersecurity standards and regulations and recommend mitigation strategies.
Validate and verify system security requirements definitions and analysis.
Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of security policy and solutions.
Assess and develop mitigations for Security Compartmented Information (SCI) system security threats/risks throughout the program life cycle.
Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for SCI systems and Classified networking operations.