C4ISR Information Systems Security Analyst ( R-00067370 )
Leidos has an opening for a Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) Information Systems Security Analyst (ISSA) at Nellis AFB. Candidates must possess a TS/SCI security clearance in order to be considered.
JOB DESCRIPTION: The (C4ISR) Information Systems Security Analyst (ISSA) will be responsible for ensuring system security functionality, procedural safeguards and implementation strategies are successfully employed to certify and accredit new and upgraded software and systems within the 526th Intelligence Squadron. The ISSA is responsible for developing and maintaining a formal Information Systems (IS) security program and will provide support to plan, coordinate, and implement IT security programs and policies. Applicant will provide systems security management expertise to C4ISR integration efforts for unclassified, collateral and SCI-level software applications and intelligence mission systems. The ISSA will provide Information Assurance (IA) guidance and will assist all ISSOs to ensure they follow established IS policies and procedures.
The candidate will assist and advise in the development of Concept of Operation (CONOP) documents to describe and clarify operational parameters. The ISSA will develop accreditation documentation and coordinate and oversee certification and accreditation activities. The ISSA initiates protective or corrective measures in response to security incidents, develops and maintains System Security Plans (SSP), conducts periodic reviews to ensure compliance with established policies and procedures, ensures all hardware, software, and firmware changes are recorded as required by configuration management procedures. The ISSA will be responsible for participating in IS risk assessment during the certification and accreditation process and will be responsible for conducting IA vulnerability assessments using automated tools.
Applicant should have previous Information Systems Security Officer (ISSO) and/or Information Security System Manager (ISSM) experience. Applicant must have experience in developing and writing security plans and overseeing security awareness programs. Applicant must have a working knowledge of system functions, security policies, technical security safeguards, and operational security measures. Must have the ability to plan/coordinate security and/or cyber security activities across multiple organizations. Must have ability to effectively organize and analyze information, produce reports, position papers, and briefings that are responsive to specific needs of 526 IS senior leadership. Must be able to communicate effectively with others, both orally and in writing on complex issues.
Applicants must possess a TS/SCI clearance. Bachelor’s Degree in an IT discipline (or similar) and a minimum of 8 years of experience in computer system security and/or related areas of expertise OR 12 years’ experience. A minimum of a Security + or DoD 8570 IAM Level I equivalent certification is required. Certified Information System Security Professional (CISSP) or other IAM Level II certification is strongly preferred.
Applicant must be familiar with IA policies to include: Risk Management Framework (RMF), Intelligence Community Directive (ICD) 503 -Intelligence Community Information Technology Systems Security Risk Management Certification and Accreditation, National Institute of Standards and Technology (NIST) series special publications, and Committee on National Security Systems (CNSS) national-level Information Assurance policies, directives, instructions, operational procedures, guidance and advisories for United States Government (USG) departments and agencies for the security of National Security Systems (NSS). Familiarity with system hardening in accordance with Security Technical Implementation Guides (STIGs). Knowledge of processes and tools to maintain, archive, sanitize, and retrieve digital files. Experience with eEYE Retina Network Security Scanner, DISA Gold Disk, Security Readiness Review (SRR) Scripts test products, Windows Automated Security Scanning Program (WASSP), Assured Compliance Assessment Solution (ACAS), and Security Scanner (SECSCN). COMSEC experience is desired.Pay Range: