Information Systems Security Officer (ISSO) ( R-00057680 )
Leidos Government Health & Safety Solutions is seeking an Information Systems Security Officer (ISSO) on a large network services opportunity supporting the National Institute of Health (NIH) in the Bethesda, MD area.
- Implement and enforce information systems security policies, standards, and methodologies
- Draft and maintain security policy documentation
- Lead the evaluation of security solutions to ensure they meet security requirements for processing classified information
- Coordinate with the CM for information system security software, hardware, and firmware updates
- Maintain records on workstations, servers, routers, firewalls, intelligent hubs , network switches, etc. to include system upgrades
- Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies
- Provide CM for security-relevant information system software, hardware, and firmware (U)
- Develop system security policy and ensures compliance
- Evaluate security solutions to ensure they meet security requirements for processing information at the appropriate classified level
- Maintain operational security posture for an information system or program
- Provide support for maintaining the appropriate operational IA posture for a system, program, or enclave
- Develop and update the system security plan and other IA documentation
- Assist with the management of security aspects of the information system and perform day-to-day security operations of the system
- Assist with assessment, development and implementation of programs and controls set in place to preserve the integrity and security of sensitive data and information stored and processed by various network systems.
- Assist with prevention of data breaches and unauthorized access to information systems.
- Management of information security.
- Review Program information security systems and recommend improvements/solutions.
- Bachelor’s Degree in Computer Science, Information Systems, Engineering or other related discipline
- 4+ years of ISSO experience
- Certified Systems Security Professional (CISSP)
- Thorough knowledge of network security concepts with application knowledge of various enterprise security point technologies, managed security services, Security Information and Event Management solutions, packet analysis tools, cryptography and Active Directory / Kerberos authentication protocol
- Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities
- Demonstrated experience working in large Federal agency preferably in HHS.
- Possess the knowledge of security best practices, security solutions, and methodologies for risk management
- Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
- Demonstrated advanced knowledge of industry accepted standards
- Experience with various SOC automation tools such as Splunk, Archer etc.
- 5+ years of intrusion detection and/or incident handling experience