Information System Security Officer (ISSO)

Leidos Holdings Inc.•Orlando, FL

34d•$85,150 - $153,925

About The Position

Leidos is seeking an Information System Security Officer (ISSO) to collaborate with the Information System Security Manager (ISSM) managing risks related to the use of processing, storing, or transmitting information to reduce or eliminate impact to confidentiality, integrity, or availability of information and information systems. ISSO job duties will include: Advise, conduct and document risk assessments. Implement IA and security standards and procedures to identify, report and resolve security violations. Assist with preparation and maintenance of documentation (IRP, ISCP, procedures etc.) Ensuring software, hardware, and firmware comply with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRGs). Ensuring proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Initiating exceptions, deviations, or waivers to cybersecurity requirements. Implementing and enforcing all DoD cybersecurity policies and procedures, as defined by cybersecurity-related documentation. Initiating protective or corrective measures in the event of a cybersecurity incident. Ensuring all DoD cybersecurity-related documentation is current and accessible to properly authorized individuals. Developing artifacts and supporting evidence to satisfy all applicable RMF Controls. Conduct risk assessments and vulnerability analyses to identify security weaknesses and recommend mitigation strategies. Prepare and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports, and Plans of Action and Milestones (POA&Ms). Coordinate and support security authorization activities, such as Assessment and Authorization (A&A) or Authority to Operate (ATO) processes. Manage ATO package in eMASS to include updating security controls, importing ACAS scans and STIG checklists

Requirements

US Citizen with at least an active Secret clearance and the ability to maintain your clearance during your employment with Leidos.
Bachelor's degree with 4+ years of experience or a Master's degree with 2+ years of experience. Additional experience may be considered in lieu of a degree.
Compliance with DOD 8140 requirements
Extensive working knowledge of RMF and maintaining compliance with ATO

Nice To Haves

Experience with eMASS
ISSO experience

Responsibilities

Advise, conduct and document risk assessments.
Implement IA and security standards and procedures to identify, report and resolve security violations.
Assist with preparation and maintenance of documentation (IRP, ISCP, procedures etc.)
Ensuring software, hardware, and firmware comply with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRGs).
Ensuring proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.
Initiating exceptions, deviations, or waivers to cybersecurity requirements.
Implementing and enforcing all DoD cybersecurity policies and procedures, as defined by cybersecurity-related documentation.
Initiating protective or corrective measures in the event of a cybersecurity incident.
Ensuring all DoD cybersecurity-related documentation is current and accessible to properly authorized individuals.
Developing artifacts and supporting evidence to satisfy all applicable RMF Controls.
Conduct risk assessments and vulnerability analyses to identify security weaknesses and recommend mitigation strategies.
Prepare and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports, and Plans of Action and Milestones (POA&Ms).
Coordinate and support security authorization activities, such as Assessment and Authorization (A&A) or Authority to Operate (ATO) processes.
Manage ATO package in eMASS to include updating security controls, importing ACAS scans and STIG checklists