Information System Security Officer

Job Responsibilities:

• Support the System Owner in establishing and implementing security policies, procedures and practices in compliance with Authorizing Officials requirements and current DoD/IC/SAPCO regulations.
• Develop and update system documentation for information system authorization, security management and continuous monitoring.
• Ensure systems are operated, maintained, and dispositioned in accordance with internal security policies and procedures outlined in the System Security documentation
• Conduct scheduled security audit log reviews, and report any suspicious activities.
• Conduct ongoing security reviews and tests of systems to periodically verify that security features and controls are functional and effective.
• Ensure all information system security-related documentation is current and accessible to properly authorized individuals.
• Ensure that system recovery and restoration processes are monitored to ensure security features and procedures are properly restored.
• Support evaluation of proposed changes or additions to the IS (including hardware, software, or connectivity) to advise the ISSM of their security relevance.
• Ensure that all active user IDs are revalidated at least annually.

The qualified candidate shall have excellent customer service skills and the ability to work independently, prioritize, schedule, and complete multiple tasks along with extensive knowledge and experience in specialized area of expertise to include Department of Defense (DOD), Sensitive Compartmented Information (SCI), and Special Access Programs (SAP) clients. At Leidos, we strive to provide engaging careers, a collaborative culture and work to improve the lives of our employees to develop a thriving workplace.

Qualifications (Education & Experience)

• Current DoD TS/SCI security clearance or eligibility.
• BS degree in Information Security, Information Technology, or related field or equivalent experience
• Minimum of 4 years of directly related experience as an ISSO or other IA Professional
• Possess a DoD 8570.01 compliant certification for IAM Level I, e.g. Security + w/CE, or the ability to obtain either within 6 months of employment.
• Comprehensive knowledge of JSIG (Joint SAP Implementation Guide) RMF (Risk Management Framework), ICD 503, NISPOM Chapter 8, and NIST 800-53 security controls.
• Experience conducting security audits of information systems.
• Training or experience with Windows based Information Systems standards.
• Vulnerability assessment and analysis experience utilizing SCAP, ACAS/NESSUS and DISA STIGs implementation across multiple platforms (Windows Servers and Clients, Network Devices, Storage System Devices, etc.).