Leidos - Arlington, VA

posted about 2 months ago

Full-time - Mid Level
Arlington, VA
Professional, Scientific, and Technical Services

About the position

Leidos's Digital Modernization Group is seeking high-level IT Professionals to provide Cybersecurity A&A Analyst duties within the National Military Command Center. The Information System Security Officer (Cybersecurity A&A Analyst) will work on-site at the Pentagon. This role requires the ability to navigate a constantly changing regulatory environment, managing short, mid, and long-term timelines for remediating any non-compliance issues. The successful candidate will work collaboratively within a team, demonstrating adaptability to change and a proactive approach to problem-solving. Key responsibilities include identifying key stakeholders in Assessment and Authorization (A&A) efforts and ensuring that system documentation accurately reflects current system security configurations. This includes detailing hardware and software components, data flow, interconnections, and relevant ports, protocols, and services. The officer will maintain cybersecurity procedures and processes, analyze and apply Federal cybersecurity guidance to meet customer needs, and communicate the security posture of systems through designated reporting mechanisms. The role also involves assisting in the preparation and review of critical documentation such as System Security Plans (SSPs), Risk Assessment Reports (RAR), and other A&A artifacts. The officer will research and address information security issues, develop and maintain the Plan of Action and Milestones (POA&M), and support remediation activities. Additionally, the officer will perform Risk Management Framework (RMF) activities to achieve Authority to Operate (ATO) and conduct continuous monitoring of security controls to ensure compliance with cybersecurity requirements for assigned IT systems. Advising system owners on security matters and providing management status reports are also essential functions of this position.

Responsibilities

  • Work in a constantly changing regulatory environment with timelines for remediating non-compliance.
  • Collaborate effectively within a team and adapt quickly to changes.
  • Identify key stakeholders in A&A efforts and ensure accurate system documentation.
  • Maintain cybersecurity procedures and processes as assigned.
  • Analyze, interpret, and apply Federal cybersecurity guidance to customer needs.
  • Communicate the security posture of systems through designated reporting mechanisms.
  • Assist in preparation and review of documentation including System Security Plans (SSPs) and Risk Assessment Reports (RAR).
  • Research and address information security issues, developing and maintaining the Plan of Action and Milestones (POA&M).
  • Develop and advise on A&A artifacts and security documentation.
  • Assist with pre-assessment preparation.
  • Perform Risk Management Framework (RMF) activities to achieve Authority to Operate (ATO).
  • Conduct continuous monitoring of security controls to ensure compliance with cybersecurity requirements.
  • Advise system owners on security matters involving assigned IT systems.
  • Provide management status reports and document system changes.
  • Analyze problems and provide focused solutions for effective communication.

Requirements

  • Bachelor Degree and 9+ years experience or equivalent work experience and certifications may be considered in lieu of a degree.
  • Active TS/SCI Security Clearance.
  • Current DoD 8570 baseline certification for IAT II (GSEC, Security+, SCNP, or SSCP).
  • 4-6 years of Cyber Security experience.
  • 4-6 years of IT experience (Networking/System Administration).
  • Working knowledge of security system controls, policies, technical security safeguards, and operational security measures.
  • Familiarity with DoD STIG process.
  • Excellent verbal and written communication skills.
  • Experience executing the security assessment and authorization (ATO) process with independent assessors.
  • Experience executing Continuous Monitoring and maintaining the security posture of IT systems.

Nice-to-haves

  • Familiarity with eMASS and XACTA.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service