Insider Threat Program Information System Security Officer (MID)

The Digital Modernization Sector at Leidos currently has an opening for an Information System Security Officer (MID) supporting the HEITS Contract as part of the Department of Homeland Security (DHS) Insider Threat Program (ITP). This is an exciting opportunity to use your experience to support security accreditation and sustainment activities. The ITP mission is to identify insider threats to the department by utilizing advanced analytics monitoring and data correlation which in turn help address and eliminate potential threat actors from compromising the DHS mission in safeguarding the homeland.

The selected candidate will be responsible for the following:

• Provide support for security engineering and the integration and deployment of security technology to support advanced external threat insider threat and cyber contractor shall resolve concerns or issues related to UAM components within 48 hours and the Governments request should be acknowledged within 1 hour during normal business hours.

• Perform weekly or as directed by the government vulnerability scans in support of FISMA requirements. For all systems coordinate with the respective system owner system administrator or Information System Security Officer (ISSO) to notify them that weekly scanning is to be performed and that the scan results are to be forwarded to the ITP for analysis.

• Support security assessments by working with the respective system owner system administrator and/or Information System Security Officer (ISSO) to defining the scope developing a test plan and rules of engagement document obtaining necessary government approval analyzing results preparing a written report with the findings impacts and recommendations and holding out briefings of findings.

• Provide a quarterly status of the scan coverage and identify and report on issues with coverage to the government.

• Perform technical analysis of all scan results and prepare a written report of analysis for the government monthly as needed or at the request of the Government.

• Conduct ITP directed vulnerability scans in support of operational matters (non-scheduled).

• Support ITP in the baseline compliance aspect of information systems and applications being accredited or reaccredited through the DHSs certification and accreditation process.

• Review all ongoing Authority to Operate (ATO) Authority to Connect (ATC) and Interim Authorization to Test (IATT); and brief the status in the Weekly Activity Report. The ISSO shall ensure any open ATOs IATTs ATC are documented in the Project Plan and IMS.

• Develop a schedule for the submission of Assessment & Authorization (A&A) packages for assessment. Government technical representatives may delay that time schedule depending on mission requirements.

• Maintain all Body of Evidence (BOE) documentation for which they are the prime author for the duration of the contract. The contractor shall collaborate with the Government data center staff to include Government generated documentation in UAM system BOE. The Contractor shall update the documentation to correspond with product updates released in response to software updates and patches. The Contractor shall document all changes to the security posture of the system and provide those documents to the government for review and approval.

Basic Qualifications:

• Bachelors degree and (10) years of prior relevant experience or Masters with (8) years of prior relevant experience

• Excellent written and oral communication skills

• Experienced and adept at developing and maintaining technical documents analyses and reports

• Experienced with preparing and presenting briefings to senior customer management and customer stakeholders

• Ability to obtain DHS EOD SCI

Preferred Qualifications:

• Masters degree from an accredited college or university in IT Management Engineering or related field

• Proven experience (6 years) in Information Assurance Management

• Security or Similar Certification

• Extensive experience with the Risk Management Framework (RMF)

• Extensive experience with ICD-503

• Extensive experience developing security accreditation packages and achieving Authorities to Operate (ATOs)

• Experience supporting security accreditation activities within the Intelligence Community

At Leidos we dont want someone who fits the moldwe want someone who melts it down and builds something better. This is a role for the restless the over-caffeinated the ones who ask whats next before the dust settles on whats now.

If youre already scheming step 20 while everyone else is still debating step 2 good. Youll fit right in.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.