Vulnerability Assessment Analyst

Leidos

About The Position

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customer’s success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. If this sounds like an environment where you can thrive, keep reading! The Civil group at Leidos has a career opening for an Vulnerability Assessment Analyst on a FAA NISC IV contract. The position will provide information system security support to multiple FAA customers. If you're looking for a challenging and rewarding career, apply today. Take the first step towards an exciting new chapter in your professional journey! Your greatest work is ahead! The Mission Leidos Civil Group helps modernize infrastructure, systems, and security. We are a trusted partner to both government and highly regulated commercial customers looking for transformative solutions in mission IT, security, software, engineering, and operations. We work with our customers including the FAA, DOE, NASA, National Science Foundation, Transportation Security Administration, Custom and Border Protection, airports, and electric utilities to make the world safer, healthier, and more efficient. Our customers take on the toughest challenges out there, and at times need a helping hand from specialists in their fields. We combine our scale as a Fortune 500 company with the deep technical knowledge of our core capabilities and the expertise of our talented and diverse workforce to deliver mission-centric innovations. For each of these core capabilities, we have developed proven, repeatable processes that help us deliver agile, cost-effective solutions to foster a better world. To explore and learn more, click here! Are you ready to join a team dedicated to a mission? Begin your journey of a flourishing and fulfilling career, share your resume with us today!

Requirements

Requires BS and 4+ years of prior relevant experience or Masters with 2+ years of prior relevant experience.
Must possess excellent writing and communications skills; candidate shall have the ability to develop documentation and management level presentation and present the materials to the management team.
Candidate is expected to have technical knowledge and skills in one of the following areas: systems administration, network engineering, software development, integration and testing, data analytics or security operations.
Technical understanding of supporting security initiatives, conducting security monitoring, reporting and maintaining security compliance following security regulations and policies.
Demonstrate potential and willingness to learn and adapt to rapid changes in technology.
Security+, CISSP certification or other security certification.
Requires US Citizenship and pass background investigation.
Clearance: While a clearance is not required to be considered for the position, the ability to obtain a clearance (i.e., Public Trust) is required if hired.

Nice To Haves

2+ years of experience with FAA environment.

Responsibilities

Act as a point of contact and subject matter expert for all cybersecurity related aspects to the assigned information systems, reviewing audit trail logs and scans, and ensuring systems are maintained per security policies and procedures, and maintaining compliance and ongoing reporting to management.
Analyze scan results, and document findings for products as required to successfully complete continuous monitoring.
Scan results and findings are to be documented according to NIST Guidelines and the Risk Management Framework (RMF) processes.
Develop and maintain system security plans and associated documentation, assisting with the implementation of security procedures, and verify information system security requirements.
Document and execute a plan for each information system security assessment and testing tasks performed in support of project tasks and as tasked for approved project requirements.
Perform information system Assessment and Authorization planning, testing, assessing and liaison activities.
Provide risk based analysis of information assurance/cybersecurity features and relate existing system to future needs and trends and requirements.
Assist with drafting, reviewing, and editing Plan of Action and Milestones (POA&M).
Provide the necessary support to monitor and ensure compliance with information security policies, procedures and regulatory requirements including assistance with internal auditing, reporting, technical reviews, and identification of security risks.
Work closely with government Information Assurance team to support Authorization to Operate (ATO) accreditation conditions and requirements.
Familiarity with Federal Risk and Authorization Management Program (FedRAMP) requirements.