IV&V Junior Analyst
About The Position
The mission of the DHS Chief Information Security Officer Directorate (DHS CISOD) is to support the Department’s implementation of all applicable regulatory requirements including the Federal Information Security Modernization Act of 2014 (FISMA), relevant Office of Management and Budget (OMB) Circulars, Executive Orders, Federal laws, directives, policies, and regulations. The DHS CISOD’s mission is to also provide the Department of Homeland Security (DHS) a secure and trusted computing environment. The DHS CISOD assists in ensuring Department compliance with information security requirements. Information security is an essential business function, critical to enabling DHS to conduct its operations and deliver service to the public. Leidos has a critical need for a an IV&V Junior Analyst to ensure DHS-wide compliance relating to federal information security laws, regulations, mandates, and standards by providing the resources and guidance necessary to support Components in strategic decision-making processes for managing security and risk postures within a collaborative environment.
Requirements
- Must be able to obtain a DHS Security Clearance.
- Bachelor’s degree with 4 or more years’ experience in a related field; additional years of related work experience may be considered in lieu of degree
- Experience with DHS, DoDIIS, and IC tools, systems, and reporting mechanisms/requirements for IV&V.
- Ensure compliance with DHS Standards and procedures.
- Good familiarity with and understanding of all relevant government and agency policies and procedures to ensure system documentation is compliance with relevant guidelines, e.g., FedRAMP, RMF, FISMA, FIPS-II, NIST, etc.
- U.S. Citizenship is required.
Responsibilities
- Support CISOD in performing IV&V testing over Component V&V of remediated IT controls. This includes: reviewing and performing analysis of Component V&V (performing a compliance check to ensure that controls tested by component are adequate), communicating results to the Component, tracking V&V packages, to include CISOD and OCFO signatures indicating completion, and providing updates to be included in monthly IT audit report(s).
- Assist in reviewing component IT commitment letters and providing comments.
- Monitor and report on testing/passing status against the component IT commitment letters.
- For administration- create a process for selecting QA items for both assessments and remediation, create/update a checklist/process for QA of assessments and remediation, create responsibilities, accountabilities, consulted and informed (RACI) chart, develop Traceability Matrix, incorporate enhancements, design CFO designated system review/checklist to be completed for Assessments and Authorizations, enhance SSPs to incorporate guidance, GRC system updates, and finalize and publish standard guidance documents.
- Assist in performing Security Authorization Reviews.
- Evaluate each Component’s CFO- designated and other ancillary System Security Plans (i.e., SP) in order to determine if all CIC controls or components otherwise noted by DHS OCFO have been documented in their entirety. The analysis requires the assessor to determine if the documentation includes the appropriate type of control, each applicable layer of the system, and note any valuable observations. Additionally, developing measurable data that can be communicated to high-levels of management to make the information easily digestible
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
Number of Employees
5,001-10,000 employees
