Information Systems Security Officer

The Leidos Digital Modernization Sector is currently pursuing a new opportunity and is seeking a Information System Security Officer (ISSO) to work in Tampa FL to play a crucial role in a landmark Zero Trust (ZT) surge initiative for our client. This is an exciting opportunity to use your experience helping the U.S. Special Operations Command (USSOCOM) Enterprise Development Application and Training (EDAT) mission. In this mission we are focused on providing innovative data-driven solutions and enterprise architecture enhancements to enable seamless operations across USSOCOMs global network. The program emphasizes rapid development and deployment of technologies to enhance the mobility and readiness of Special Operations Forces (SOF) in both combat and non-combat scenarios. Key tasks include program management application development training support and technology integration to maintain USSOCOMs operational edge. The EDAT program underscores agility and adaptability ensuring SOF professionals have access to the information and tools they need to meet evolving mission requirements.

Primary Responsibilities:

• Serve as the lead Information Systems Security Officer (ISSO) embedded with a software development team ensuring that all cybersecurity compliance requirements are met throughout the Software Development Lifecycle (SDLC) for Azure-based portal and gateway applications.

• Guide the development team in interpreting and applying DoD cybersecurity policies NIST RMF guidance and DISA STIG requirements throughout system development and deployment.

• Ensure full compliance with applicable security frameworks including the NIST Risk Management Framework (RMF) FedRAMP and the DISA Cloud Computing Security Requirements Guide (SRG).

• Own and maintain key security documentation such as the System Security Plan (SSP) Plan of Action and Milestones (POA&M) Security Assessment Report (SAR) and supporting artifacts required for achieving and sustaining an Authority to Operate (ATO).

• Coordinate closely with Authorizing Officials (AOs) Information System Security Managers (ISSMs) system owners and other stakeholders to manage and drive the ATO process across multiple classification levels.

• Provide oversight and direction for the integration of enterprise cybersecurity services (e.g. ACAS HBSS BCAP PKI/ICAM) and ensure these services are properly accounted for in security documentation and compliance testing.

• Monitor and assess system vulnerabilities and audit results; ensure findings are documented and tracked to closure in accordance with policy.

• Participate in Agile and Waterfall development meetings to provide governance input and security policy guidance that aligns with DoD accreditation expectations.

• Stay informed of changes in DoD cybersecurity guidance threat landscape developments and cloud security best practices to adjust compliance strategies as needed.

Basic Qualifications:

• Bachelors degree in Cybersecurity Information Assurance or related discipline and 812 years of relevant experience or a Masters degree with 610 years of relevant experience additional years of applicable experience will be accepted in lieu of a degree.

• Active Top Secret security clearance.

• Relevant certifications such as Certified Information Systems Security Professional (CISSP) Certified Authorization Professional (CAP) or CompTIA Advanced Security Practitioner (CASP).

• Demonstrated knowledge of the NIST RMF eMASS workflows and DoD cloud accreditation processes.

• Proven experience managing security compliance for cloud-hosted solutions in Azure or similar environments.

• Strong understanding of DISA STIGs NIST 800-53 controls and vulnerability management processes.

• Familiarity with DevSecOps and Agile SDLC methodologies from a governance and compliance oversight perspective.

• Excellent written and verbal communication skills with the ability to brief complex security concepts to both technical and non-technical stakeholders.

Preferred Qualifications:

• Masters degree in Cybersecurity Information Assurance or a related field.

• 8 years of experience as an ISSO or in a similar cybersecurity compliance oversight role supporting DoD systems.

• Advanced certifications such as CISSP-ISSEP CISM or GIAC Security Leadership Certification (GSLC).

• Experience supporting ATO packages in Azure and other cloud environments.

• Familiarity with supporting systems at multiple classification levels (e.g. Unclassified Secret).

• Proven success in liaising with AOs ISSMs and system owners to navigate and expedite RMF-based accreditation efforts.

• Experience mentoring junior cybersecurity personnel and fostering a compliance-driven security culture within cross-functional teams.

• Knowledge of emerging cybersecurity technologies and their implications for DoD cloud security compliance.

• Please disregard the pay range listed on the posting. Positions will range from entry to experienced and the ranges here do not reflect each of those levels. Salary for each position will be determined by position years of experience and fit for the role.

Original Posting:

For U.S. Positions: While subject to change based on business needs Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.