Apply on Employer Site

Leidos · 7 hours ago

Insider Threat Program Information System Security Officer (MID)

Washington, DC

Full-time

Onsite

Mid, Senior Level

$108K/yr - $195K/yr

8+ years exp

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. The Information System Security Officer will support the Department of Homeland Security's Insider Threat Program by providing security engineering support, conducting vulnerability scans, and ensuring compliance with security assessments and documentation requirements.

ComputerGovernmentInformation ServicesInformation TechnologyNational SecuritySoftware

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Provide support for security engineering, and the integration and deployment of security technology to support advanced external threat, insider threat, and cyber operations.The contractor shall resolve concerns or issues related to UAM components within 48 hours and the Government’s request should be acknowledged within 1 hour during normal business hours

Perform weekly, or as directed by the government, vulnerability scans in support of FISMA requirements. For all systems, coordinate with the respective system owner, system administrator or Information System Security Officer (ISSO) to notify them that weekly scanning is to be performed and that the scan results are to be forwarded to the ITP for analysis

Support security assessments by working with the respective system owner, system administrator and/or Information System Security Officer (ISSO) to defining the scope, developing a test plan and rules of engagement document, obtaining necessary government approval, analyzing results, preparing a written report with the findings, impacts, and recommendations, and holding out briefings of findings

Provide a quarterly status of the scan coverage and identify and report on issues with coverage to the government

Perform technical analysis of all scan results and prepare a written report of analysis for the government monthly, as needed, or at the request of the Government

Conduct ITP directed vulnerability scans in support of operational matters (non-scheduled)

Support ITP in the baseline compliance aspect of information systems and applications being accredited or reaccredited through the DHS’s certification and accreditation process

Review all ongoing Authority to Operate (ATO), Authority to Connect (ATC) and Interim Authorization to Test (IATT); and brief the status in the Weekly Activity Report. The ISSO shall ensure any open ATO’s, IATT’s, ATC, are documented in the Project Plan and IMS

Develop a schedule for the submission of Assessment & Authorization (A&A) packages for assessment. Government technical representatives may delay that time schedule depending on mission requirements

Maintain all Body of Evidence (BOE) documentation for which they are the prime author for the duration of the contract. The contractor shall collaborate with the Government data center staff to include Government generated documentation in UAM system BOE. The Contractor shall update the documentation to correspond with product updates released in response to software updates and patches. The Contractor shall document all changes to the security posture of the system and provide those documents to the government for review and approval

Qualification

Information Assurance ManagementRisk Management Framework (RMF)Security+ CertificationSecurity accreditation packagesICD-503Technical documentationBriefing preparationCollaboration with stakeholdersCommunication skills