Practice Owner – Scanning and Compliance Senior Information Assurance Analyst

Description

Job Description:

The Intelligence Group at Leidos is looking for a Cyber Security Scanning and Compliance Senior Information Assurance Analyst to work at our customer site in Stennis, MS for a near future award. We are excited to start a new effort supporting a federal agency’s datacenter optimization and modernization. Upon award, we will provide seamless support while transforming the service management to the most modern frameworks, standards, and methodologies.

Primary Responsibilities

As the Practice Owner of Scanning and Compliance, you will be responsible for the following:

• Responsible for analyzing Risk Management Framework (RMF) assessment needs and providing oversight, support, and guidance to meet DCCO security requirements.
• Knowledgeable of National Institute Science and Technology (NIST) standards, Committee on National Security Systems (CNSS) Policy (CNNSP), DHS security standards, and Industry Best Practices.
• Ensures compliance with the implementation standards found in information assurance security policies, and procedures, and makes sure that the security standards meet Authority to Operate (ATO) compliance.
• Ensure that accreditation and authorization (A&A) procedures have been identified and executed by adhering to DHS RMF standards and processes.

• Conducting service management activities per the current published approved plans, processes, procedures, checklist, and related artifacts / activities.
• Assessing and reviewing all documents and records related to your ITIL 4 practice.
• Drafting a new ITIL 4 Information Security Management plan for coordination and approval.
• Drafting process(es) per ITIL 4 addressing: a) The four dimensions; b) The guiding principles; c) Service value chain(s) with associated swim lanes of activities; d) governance – regulations, laws, mandates, directives, and policies; and e) continual improvement
• Updating procedures, checklist, appointments, etc. in support of the inputs to all processes and your practice plan.
• Work to bring your practice’s assessment at least Defined within the first 12 months while moving toward achieving Quantitative or Optimizing maturity.
• Work to bring your practice’s assessment at Level 3 or higher in compliance with ISO 20000 within the first 12 months.

As an Information Technology Systems Security and Cyber Security professional, you are responsible for maintaining computer and information security incident, damage and threat assessment programs. Duties include investigating computer and information security incidents to determine extent of compromise to information and automated information systems, providing computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments, researching and maintaining proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption. In our client’s Hybrid Computing Environment with Data Center, Cloud Service Providers, and remote Data Centers call Co-Location sites will require designing, developing or recommending integrated system solutions ensuring proprietary/confidential data and systems are protected, participating with the client in the strategic design process to translate security and business requirements into technical designs, and configuring and validating secure systems, testing security products/systems to detect computer and information security weakness. Some of the duties entail:

• Working to achieve key project/program objectives and deliverables.
• Delivering entire projects or processes spanning multiple technical areas.
• Managing large projects or processes within the Hybrid Computing Environment.
• Developing solutions to complex technical issues and problems in support of customers of the federal agency.
• Employing ingenuity and creativity to develop new technical solutions and systems in order to achieve functional objectives.
• Communicating with internal team members across multiple areas and client team members throughout CONUS and OCONUS locations.
• Communicating with suppliers, vendors, sub-contractors, government, supported customer and other parties external to the organization.
• Works to influence project/team leaders regarding solution design, process and/or approaches.

Leadership & Talent Management:

• Leads from 1 or more personnel supporting engineering activities

Basic Qualifications

• Education and Experience:
  • Bachelor degree and 8 or more years of prior relevant experience OR Master Degree with 6 or more years of prior relevant experience
• Certifications:
  • CISSP, CISM, or GSLC
  • ITIL 4 Foundation in IT Service Management certification

Preferred Qualifications

• Certifications:
  • CCSP
  • CEH
  • GSOC

DCCO

External Referral Bonus:

External Referral Bonus $:

Potential for Telework:

Clearance Level Required:

Travel:

Scheduled Weekly Hours:

Shift:

Requisition Category:

Job Family:

Pay Range: