IT Security Engineer

The Cybersecurity Specialist will be responsible to implement and execute risk management processes by utilizing National Institute of Standards and Technology (NIST) 800 series special publications Federal Information Processing Standards (FIPS) and Federal Information Security Modernization Act (FISMA) compliance frameworks. The Cybersecurity Specialist will work in a collaborative unified team environment to monitor evaluate and manage the risk posture of systems authorization boundary to safeguard information systems by leveraging robust understanding of NIST Risk Management Framework (RMF). This position will involve working closely with the organizations IT teams to identify vulnerabilities conduct security control assessments perform risk analysis and assessments develop security strategies for mitigating and resolving findings provide cybersecurity compliance guidance to IT teams and ensure systems remain compliant with federal standards and regulations.

Key Responsibilities:

• Cybersecurity support managing Authorization Packages (AP) to include Privacy Analysis System Categorizations Risk Assessment Reports (RAR) System Security Plan (SSP) and general Assessment and Authorization (A&A) oversight to obtain or maintain a systems Authorization to Operate (ATO)

• Focal point for enterprise SSPs managing the security posture by supporting Information System Owners (ISO) and Information System Security Officials (ISSO) with RMF responsibilities

• Develop and maintain accurate and effective Plans of Action & Milestones (POA&Ms) as part of continuous monitoring for implementing cybersecurity improvements

• Collaborate with Information System Administrators (ISA) and various Engineering teams to integrate security measures into new and existing information systems and major applications

• Stay up to date on general information technology innovations and emerging threats and security technologies to continuously improve security posture.

Required Qualifications:

• Bachelors or Masters degree in Cybersecurity Management of Information Technology or a related field.

• 10 years of experience in information security or related roles.

• Experience with networking ports and protocols architecture of networked and standalone systems functionality of various operating systems cloud computing environments and common security tools.

• Ability to develop information system topology diagrams and Concept of Operations documentation

• Knowledge with federal standards such as NIST FISMA and FIPS

• Exposure to FedRAMP program and standards

• Experience with Security Control Audits

• Proficient with MS Office

• Experience with IT projects in a traditional waterfall or Agile framework

• Relevant certifications (e.g. CompTIA Network Security CySA) are a plus.

• Position is hybrid remote and candidate must be within commute distance to Kennedy Space Center.

Hybrid remote status is at the discretion of the customer and may change to on-premises support

If youre looking for comfort keep scrolling. At Leidos we outthink outbuild and outpace the status quo because the mission demands it. Were not hiring followers. Were recruiting the ones who disrupt provoke and refuse to fail. Step 10 is ancient history. Were already at step 30 and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.