Cybersecurity CND Auditor & Functional Lead

Description

Job Description:

The Defense Group of Leidos has an opening for a Cybersecurity CND Auditor Level 3 and Functional Lead at Fort Belvoir, VA.

JOB SUMMARY:

The Cybersecurity CND Auditor will support the US Army INSCOM IT Support Services program. The ideal candidate will part of the team that is responsible for completing accreditation processes on multiple networks under the Risk Management Framework (RMF), working with security managers to improve organizational security (physical security, information security, etc.), leading Incident Handling issues for the organization, and overseeing vulnerability management (network, server, storage) & patching efforts. This individual acts in a supporting role to other branches across the organization to ensure that the organization's information technology infrastructure is operating securely, reliably and efficiently.

This individual also acts as the Functional Lead addressing functional area reporting requirements, interfacing with the local Government Customer counterparts and reporting up the Leidos Site Lead.

PRIMARY RESPONSIBILITIES:

• Perform a variety of Information Assurance (IA) and Computer Network Defense (CND) functions which are broad in nature and support multi-tier IA and CND functions to include, but not limited to, systems engineer, audit/inspection, infrastructure support, certification and accreditation, vulnerability management, detection and response services
• Enforce all aspects of the Army Information Assurance Program to include COTS, GOTS, freeware, shareware, Program Management (PM)/Major Command (MACOM) fielding’s, local unique, beta tests, application and system maintenance, network access, IT acquisition, connectivity, CS tools, authorized software, and system management controls.
• Identify and manage network and system vulnerabilities and security events
• Receive, acknowledge, disseminate, track, report (daily/weekly, and update vulnerability management (VM) alerts, vulnerability assessments, red/blue team events, security incidents, and the VM common operating picture (VM COP)
• Provide inspection services across the enterprise on behalf of the organization’s Special Enclave (SE) program manager
• Provide advice and guidance concerning Information Assurance (IA) matters to INSCOM
• Provide security certification test and evaluation of assets, vulnerability management and response, security assessments, and customer support
• Perform IA and mitigation/remediation efforts to ensure appropriate STIG compliancy
• Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Assessment and Accreditation (A&A) packages, and Systems Compliance Traceability Matrices (SCTMs)
• Participate in risk assessment during the certification and accreditation process
• Accountable for all aspects of requirements and manages the hands-on, day-to-day issues related to operational activities, and is authorized to act on site-specific matters relating to the daily operation of the task order
• Has the communication skills to effectively interface with military officials, managers, and subordinates.
• Travel to various locations in support of this requirement. Travel can be a result of Site Assistance Visits (SAVs) and/or a part of CS inspections.
• Acts as a “First-Level Supervisor” for site-employees

BASIC QUALIFICATIONS:

• Bachelor's degree in Cybersecurity related field with 6+ years of experience in cybersecurity functions. Additional years of experience may serve in lieu of a degree
• 3+ years of experience using DoD IA tools such as ACAS, SCAP, STIG Viewer, HBSS, SIEM
• Knowledge of government security controls defined in NIST Special Publication 800-53, DoD Instruction 8500.02, ICD 503
• 3+ years of experience managing a team of at least three (3) IT professionals; Willingness to work as part of a technical team, both as member and as functional lead
• Strong verbal and written communication skills
• Currently possess DoD 8570.01 certification at IAM Level II, such as CAP, CASP CE, GSLC, CISM, or CISSP (or Associate), GSLC, or CCISO
• Currently possess CSSP Auditor certification (CEH, CySA+, CISA, GSNA, or CFR)
• Currently possess an active TS/SCI security clearance

PREFERRED QUALIFICATIONS:

• Currently possess Computing Environment certification such as MCSA, Linux, VMware, or CCNA

I2TS4

External Referral Bonus:

External Referral Bonus $:

Potential for Telework:

Clearance Level Required:

Travel:

Scheduled Weekly Hours:

Shift:

Requisition Category:

Job Family:

Pay Range: