Description

Leidos has an exciting opportunity for an Information System Security Manager (ISSM) located in San Diego, California. As part of the Leidos San Diego Information Assurance team, you will collaborate with Senior Information System Security Managers and Information System Owners to help ensure IT systems remain compliant to government regulations, frameworks, and standards such as DFARS NIST 800-53A and NIST 800-171. Qualified candidates have knowledge, experience, and demonstrated ability to perform tasks related to assessing, securing, and monitoring IT systems. Candidates will have the ability to work independently and apply the proper procedures and process related to their area of expertise. The ISSM will assist in the development of information system documentation such as system security plans, security control assessments, conduct information systems audits using a variety of tools, and any relevant plans of action and milestones.This role will require experience in communicating with Government officials for general coordination and assessment and authorizations.

Primary Responsibilities

• Using knowledge of the Information System (IS) and understanding of established Information Assurance (IA) and Cybersecurity requirements of NIST 800-53A and 800-171, validate security policies and procedures outlined in the System Security Plan (SSP), customer policies & regulations, and ensure local policies are followed.
• Conduct ongoing security reviews and tests of Windows and Linux systems to verify security features and controls are functional and effective. Work with the ISSM and take corrective action to resolve identified vulnerabilities.
• Promote awareness of security issues and communicate deficiencies to ISSMs, ISSEs, SAs and ISOs.
• Recommend, create, and implement training programs to ensure data users are aware of, understand, and adhere to systems security policies and procedures.
• Ensure the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT/IA services.
• Review vulnerability and compliance scans and create remediation timelines for reporting purposes.

Basic Qualifications

• Must be experienced in auditing Linux and Windows Operating Systems.

• Possess an IAM Level 3 Certification (CISM, CISSP, etc)
• Bachelor of Science in a related field and at least 8 years of relevant work experience.
• Active DoD TOP SECRET clearance.
• A strong understanding of security controls contained within NIST 800-53A and NIST 800-171 publications.
• Experienced with creating policies and procedures to ensure information systems' confidentiality, integrity, and accessibility.
• Experience in identifying risks and vulnerabilities of information systems and creating Plan of Actions and Milestones (POAMs)
• Experience in documenting system deficiencies and recommending solutions for remediation.
• Familiar with automated vulnerability scans using Tenable Nessus, SCAP, or other similar applications.
• Have participated in systems security evaluations, audits, and reviews.
• Be able to learn new technologies and skills that are essential to ISSO roles and responsibilities.
• Creation of System Security Plans, Security Control Traceability Matrix, and Assured File Transfer Plans
• Experience with the JIRA ticketing systems for task tracking

Preferred Qualifications

• System Administration Experience with Linux, Windows, or Network Devices
• Experience developing RMF packages to attain an ATO declaration.
• As an IA Subject Matter Expert (SME), provide critical thinking to ensure system security requirements are addressed during all phases of the System Development Life Cycle (SDLC).

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.