Senior Information System Security Officer

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experienced Senior Information System Security Officer to support the delivery enhancement and adoption of enterprise data and analytics products used across multiple DoD organizations.

In this role you will work alongside government partners engineers and other industry teammates to translate operational and strategic requirements into scalable production-ready solutions. You will contribute directly to product planning execution and continuous improvementhelping ensure capabilities are delivered efficiently aligned to mission priorities and positioned for sustained success.

This position offers the opportunity to work on a high-visibility enterprise program at the intersection of data analytics and emerging AI technologies. Ideal candidates are motivated by mission impact comfortable operating in complex stakeholder environments and interested in building deep domain expertise while delivering capabilities with real-world national security outcomes.

Primary Responsibilities:

• Support execution of RMF processes including system authorization continuous monitoring and compliance validation.
• Develop review and maintain RMF artifacts including System Security Plans (SSPs) POA&Ms Security Assessment Reports (SARs) and BOE artifacts.
• Support development and maintenance of the Cybersecurity Operations Plan (CYP) for the program.
• Ensure timely updates and delivery of the CYP based on government feedback.
• Ensure systems maintain compliance with NIST SP 800-53 DoD RMF FedRAMP FISMA and DoD cybersecurity policies and standards.
• Monitor systems for changes impacting security posture and ensure documentation is updated accordingly.
• Support preparation and submission of cybersecurity authorization packages (e.g. ATO IATT change requests).
• Conduct and support continuous monitoring activities including compliance scanning security assessments security control validation and audits to identify vulnerabilities and ensure compliance.
• Analyze vulnerability data and support remediation tracking and resolution.
• Collaborate with Information System Owner (ISO) Information System Security Engineer (ISSE) and Information System Security Manager (ISSM) to implement and validate security controls.
• Collaborate with ISSMs system engineers DevSecOps teams and cybersecurity personnel to ensure secure system operation.
• Support development and maintenance of cybersecurity policies procedures and compliance documentation.
• Assist in audit readiness activities and support cybersecurity inspections and assessments.
• Support cybersecurity incident response coordination and documentation activities.
• Maintain data within GRC tools (e.g. eMASS or equivalent) to ensure accuracy and completeness of cybersecurity records.
• Provide reporting and analysis to support Government risk-based decision making.
• Support cybersecurity training and awareness programs for staff.
• Coordinate with external stakeholders to ensure cybersecurity requirements are met.
• Prepare and present cybersecurity reports and metrics to senior leadership.
• Respond to and manage cybersecurity incidents and breaches.

Basic Qualifications:

• Active Top Secret (TS)/ SCI clearance
• Bachelors degree in Cybersecurity Information Assurance Computer Science Information Systems Engineering or related technical discipline OR equivalent training/experience aligned to DoD 8140 pathways.
• At least one of the following foundational qualification pathways consistent with DoD 8140 requirements:
  • Current DoD 8570/8140 baseline certification appropriate for Intermediate Information Systems Security Manager roles (e.g. CAP CASP CISSP or equivalent)
  • Offerings listed in the DoD 8140 Training Repository
  • Demonstrated equivalent training and experience qualifying under DoD 8140 foundational qualification alternatives.
• Minimum of 8 years of relevant experience supporting cybersecurity RMF or ISSO/ISSM functions in DoD or Federal environments.
• Experience with NIST RMF FedRAMP FISMA and DoD cybersecurity policies and standards.
• Experience supporting RMF processes including system authorization and continuous monitoring.
• Experience developing and maintaining RMF documentation (e.g. SSPs POA&Ms BOE artifacts).
• Experience working with GRC tools such as eMASS or equivalent.
• Experience analyzing vulnerabilities security controls and compliance requirements.
• Experience supporting cybersecurity audits inspections and compliance activities.
• Proven track record of developing and executing cybersecurity plans and strategies.
• Experience conducting security assessments and audits.
• Excellent communication and leadership skills.

Preferred Qualifications:

• Active TS/SCI with CI Poly clearance.
• Masters degree in Cybersecurity Information Technology or a related field.
• Additional certifications such as CISSP CISM CEH or CRISC.
• Experience with cloud security and AI/ML security practices.
• Familiarity with DoD information systems and environments.
• Experience with cybersecurity incident response and management.
• Strong analytical and problem-solving skills.
• Experience with cybersecurity tools and technologies.

If youre looking for comfort keep scrolling. At Leidos we outthink outbuild and outpace the status quo because the mission demands it. Were not hiring followers. Were recruiting the ones who disrupt provoke and refuse to fail. Step 10 is ancient history. Were already at step 30 and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.