Description

Leidos is seeking an Information System Security Officer (ISSO) to collaborate with the Information System Security Manager (ISSM) with managing risks related to the use of processing, storing, or transmitting information to reduce or eliminate impact to confidentiality, integrity, or availability of information and information systems. ISSO duties will include:

• Ensuring appropriate operational security posture is maintained.
• Conducting scheduled weekly, monthly, quarterly and annual Continuous Monitoring and auditing tasks and reporting.
• Implementing and enforcing all applicable cybersecurity policies, procedures, and countermeasures.
• Developing and implementing automated processes for systems monitoring.
• Working with Program Security to ensuring all users have requisite security clearances and access authorization.
• Maintaining all authorized user access control documentation IAW applicable ICD 503 and DoD Risk Management Frameworks
• Ensuring software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRGs)).
• Ensuring proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.
• Initiating exceptions, deviations, or waivers to cybersecurity requirements.
• Implementing and enforcing all DoD cybersecurity policies and procedures, as defined by cybersecurity-related documentation.
• Initiating protective or corrective measures in the event of a cybersecurity incident.
• Ensuring all DoD cybersecurity-related documentation is current and accessible to properly authorized individuals.
• Developing artifacts and supporting evidence to satisfy all applicable RMF Controls.
• Developing and/or updating the Plan of Action and Milestones (POA&M) to document all known vulnerabilities to correct or mitigate risks.

QUALIFICATIONS/EXPERIENCE

• Bachelor’s Degree in Computer Science, Cybersecurity or a related discipline
• 8-12 years of information security experience
• DoD 8570 IAT Level 2 Certification

• Ensuring appropriate operational security posture is maintained.
• Conducting scheduled weekly, monthly, quarterly and annual Continuous Monitoring and auditing tasks and reporting.
• Implementing and enforcing all applicable cybersecurity policies, procedures, and countermeasures.
• Developing and implementing automated processes for systems monitoring.
• Working with Program Security to ensuring all users have requisite security clearances and access authorization.
• Maintaining all authorized user access control documentation IAW applicable ICD 503 and DoD Risk Management Frameworks
• Ensuring software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRGs)).
• Ensuring proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.
• Initiating exceptions, deviations, or waivers to cybersecurity requirements.
• Implementing and enforcing all DoD cybersecurity policies and procedures, as defined by cybersecurity-related documentation.
• Initiating protective or corrective measures in the event of a cybersecurity incident.
• Ensuring all DoD cybersecurity-related documentation is current and accessible to properly authorized individuals.
• Developing artifacts and supporting evidence to satisfy all applicable RMF Controls.
• Developing and/or updating the Plan of Action and Milestones (POA&M) to document all known vulnerabilities to correct or mitigate risks