Information System Security Officer

About The Position

Requirements

• Bachelor's degree coupled with a minimum of four years' applicable, related experience; Associate with six years' or Master's and two years. Equivalent relevant experience and/or certifications may be considered in lieu of degree.
• Must possess CompTIA Security+ CE certification
• Currently hold active DoD Secret clearance with ability to obtain Top Secret.
• Cybersecurity, systems security or hardening, Information Technology Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Guide (DAAG), National Industrial Security Program Operating Manual (NISPOM)
• Working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics)
• Physical security, Project or program management, office management, senior administration, or account management
• Security configurations across multiple operating systems in various environments, to include Windows, Linux, utilizing Active Directory/Group Policy, Delinea, etc. is required.
• Organization and self-motivation with excellent documentation skills and the ability to work with minimal supervision.

Nice To Haves

• Experience with IT (Windows, Linux) and/or security related certifications (CISSP, CISM, CISA, etc.) is preferred.
• Experience working in DoD classified operating and/or laboratory environments
• Experience with various information system security tools that address vulnerability analysis and mitigation. These may include SPLUNK, Trellix, SolarWinds, Tenable, SCAP, STIG Viewer.
• Familiarity with implementation of Government directives and policies derived from NIST, STIG, DoD, or other Government Regulatory compliance standards within a professional industry
• Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF), eMASS
• Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT)
• Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication

Responsibilities

• Managing the day-to-day compliance of our classified information systems
• Auditing information systems to ensure compliance with security policies and procedures while reporting any discrepancies to the ISSM, P-ISSM, ISO or FSO.
• Assisting in the Risk Management Framework (RMF) authorization process by developing and maintaining artifacts for the IS Body of Evidence (BoE).
• Reviewing and approving Configuration Management (CM) requests, within delegated authority, for all related hardware, software, and security‑relevant functions, ensuring proper documentation and maintenance throughout the CCB approval process
• Assisting with sanitization and release of hardware in accordance with security policies or Authorizing Official (AO) guidance.
• Testing/evaluation and application of required technical security controls and periodic inspections of information systems
• Assessing and monitoring system compliance, auditing, security plan development and delivering information systems security education and awareness
• Investigating information system security violations and help prepare reports specifying corrective and preventative actions
• Conducting technical and administrative assessments
• Integrating new cybersecurity processes, procedures, and tools
• Support the creation, review and update of cybersecurity documentation and other technical writing

Benefits

• Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.