Security Analyst ( R-00067360-OTHLOC-PL-2D0120 )
Leidos Public Health Division is seeking an Information System Security Analyst, contingent upon contract award, to support public health projects at the Centers for Disease Control & Prevention.
Location: Atlanta, GA or Hyattsville, MD.
Duties may include designing, developing or recommending integrated system solutions ensuring proprietary/confidential data and systems are protected, participating with the client in the strategic design process to translate security and business requirements into technical designs, and configuring and validating secure systems, testing security products/systems to detect computer and information security weakness
Collaborate with the Information System Security Officer (ISSO), other CDC security professionals, and program stakeholders to operate the program computing environment and IT projects in adherence to all CDC and federally mandated security requirements. Participate in the formation and delivery of project plans, proposals and progress reports, as required.
Assist the program to develop documentation for, and provide ongoing monitoring of, system certification and accreditation processes including all maintenance activities.
Assist in developing architecture and deployment plans of new systems. Serve as liaison to ISSO, security professional, and infrastructure stakeholders to provide rapid response to security incidents, threats and associated remediation for all program on-premise and/or Cloud IT solutions.
Facilitate management and deployment of interfaces and associated services to key CDC infrastructure environments as needed.
Facilitate the develop, implement, and maintain sustainable technical solutions to ensure secure access to the scientific data systems managed such as using the integration of personal identity verification (PIV) HSPD-12 authentication.
Ensure security compliance activities such as the creation/modification of system security plans, standard operating procedures, Plan of Action and Milestones (POA&M), and other documentation required to maintain authority to test (ATT) and authority to operate (ATO) certification for all supported systems.
Conduct hardware and software security scans as appropriate
BS and 2-4 years of prior relevant experience or Masters with 2 years of prior relevant experience. Experience may be substituted in lieu of degree
Previous working experience as System Security Steward at CDC or other federal agencies
Experience supporting statistical and/or survey applications
Experience working with systems collecting and storing Personal Health Information and Personal Identifiable Information
Knowledgeable with HIPPA and Privacy Act
Experience with System Administration and Security Engineer
CISSP or other security certificationsPay Range: