This job is no longer available
There are still lots of open positions. Let's find the one that's right for you.
The Defense Group at Leidos is seeking a Security Control Assessor-Representative (SCA-R) Subject Matter Expert (SME) for our GSMO II IDIQ contract's Joint Service Provider (JSP) Cyber Security Task Order located in Alexandria, VA. The JSP provides a comprehensive range of IT products, services, and solutions to various offices within the Office of the Secretary of Defense (OSD), including the Chairman of the Joint Chiefs of Staff (CJCS) and the Joint Staff (JS). This role is critical in ensuring that these offices meet their mission and business requirements through effective cybersecurity measures. The JSP Cyber Security program is responsible for a wide array of services and functions that are essential for securing the information security posture of DoD services. As a senior member of the team, the SCA-R will implement and oversee all of JSP's Information Systems (IS), focusing on new and re-authorization efforts, security posture, and authorization/Risk Management Framework (RMF) activities. The SCA-R will be tasked with reviewing security artifacts for system authorizations, assessing the technical and functional adequacy of cybersecurity and information assurance controls. This position requires the development and maintenance of the SCA-R/Verification and Validation (V&V) schedule, ensuring that all assessments and validations of implemented controls and Plan of Actions and Milestones (POA&M) items are conducted in accordance with established timelines. The SCA-R will also be responsible for developing and gaining approval for the Security Assessment Plan (SAP) prior to the assessment of all implemented security controls and technology areas. This includes conducting both automated and manual assessments in accordance with NIST SP 800-53 and NIST SP 800-115. The role involves the creation of V&V and security assessment reports that capture the results of these assessments, providing a comprehensive overview of the IS for the completion of the POA&M. Additionally, the SCA-R will develop an Authorization Package that includes all required artifacts in accordance with NIST SP 800-37, which encompasses risk analysis and recommendations for the authorizing officials' decisions. The SCA-R will support, implement, and adhere to all relevant NIST, Federal, DoD, DISA, and JSP policies, procedures, and standards regarding cybersecurity and the RMF. Participation in JSP's configuration management boards is also a key responsibility, where the SCA-R will provide technical expertise while considering the impact of requested changes on security policies, standards, and guidelines.
