ISSE- Information Security Systems Engineer ( R-00081100 )
Leidos is looking for an Information Assurance Engineer to join us in our Herndon, VA office. The candidate will be part of a dynamic team responsible for the creation of a new mission oriented communication network. Our ideal candidate would be interested in personal growth, expanding beyond typical Info Assurance tasks to learn all facets of the program.
The candidate will be responsible for full life-cycle Information System Security to include system accreditation, which uses XACTA as a tool that follow the Risk Management Framework (RMF) process. You will work closely with the designated ISSM of you system, as well as your team mates to get the Body of Evidence (BOE) which is called Artifacts in XACTA. In addition, the candidate will implement security requirements and ensure compliance with ISSM direction and approved SSPs for a network
The candidate is responsible for documents required for accreditation, to include, Continuous Monitoring Plan, Contingency Plan, Configuration Management Plan, Privilege User Guide (PUG) and General User Guide (GUG), etc.
The duties will extend to include a role as Auditor for the networks. The purpose of an auditor is to collecting and monitoring auditable activities on the network. Also, ensuring that the Rapid7 scans are done every 120 days. And that the Privilege User Reports are current and certified every Quarter. Other duties include establishing or utilizing existing access control mechanisms; defining and configuring the appropriate firewall settings; conducting intrusion detection and prevention, conducting vulnerability scanning; conducting anti-virus management, and conducting the necessary incidence response actions in accordance w/ security policies.
- Bachelor’s degree and 8 years of relevant experience. Work experience can be used/combined with education
- Experience developing Body of Evidence (BOE) in support of ICD 503 requirements to include development and maintenance of necessary documents
- Experience operating in a customer-facing environment
- Experience in lifecycle management of computer systems
- System security scanning, monitoring and audit principles (e.g., Rapid7, Splunk)
- Working knowledge of systems engineering principles
- Creating and maintaining project schedules
- Requirements verification experience
- Technical writing