Description

Leidos National Security Sector has a dynamic opportunity for aSecurity Controls Assessor/Assessment and Authorization Specialist to work at our customer site at the National Maritime Intelligence Center, Suitland, MD (all work is performed on site).

Great News! Program is now offering additional Paid Time Off or a Sign-on Bonus!

As a Security Controls Assessor Representative, our new colleague will provide security control assessment of Navy Intelligence funded Sensitive Compartmented Information (SCI) systems in accordance with the Naval Intelligence (NAVINTEL) Authorizing Official/Delegated Authorizing Official (AO/DAO) guidance. You will work independently and as part of a team to achieve critical mission objectives necessary to ensure smooth operations for the customer and other internal/external agencies. The ability to collaborate is key, as the SCA Rep will need to partner with internal and external customers to develop solutions to meet mission objectives.

The Security Controls Assessment (SCA) division executes cybersecurity IT assessments and provides Subject Matter Expertise (SME) for Navy Intelligence systems/networks in accordance with Federal, DoD, and IC standards to include compliance with NIST SP 800-53 controls. Additionally, the division provides recommendations on Cybersecurity program deficiencies and shortfalls as they relate to policy directives, program and procedures, and develops assessment and validation strategies for Navy Intelligence stakeholders.

What Will You Do

• Support the Security Controls Assessment (SCA) of complex IT requirements and security assessment of operational, management, and technical controls for information systems within the Navy Intelligence operational environment and in accordance with Navy RMF guidance, NIST SP 800-37, and NIST SP 800-53.

• Execute Laboratory Security Assessments, Operational Security Assessments, Cross Domain Solutions [CDS] assessments, Baseline Change Request assessments, Interim Authority to Test (IATT) assessments, documentation reviews, etc. and provide accurate and comprehensive security assessment results and risk posture. This information shall be provided in the form of a Security Assessment Report (SAR) via classified communication channels or other format as directed by government.

• Perform Cybersecurity related research and risk assessments for new technologies that are proposed for use within the Navy Intelligence operational environment and shall provide best practice methods for accomplishing assessments using automated tools that comply with Security Content Automation Protocol (SCAP). The format of the research, results, and recommendations is determined by management and may take the form of a briefing, presentation, white paper, or memorandum-type correspondence.

• Maintain in-depth knowledge and employ DISA STIG's, STIG technologies such as Tenable Nessus, STIG Viewer, Security Requirements Guides (SRG), Security Content Checker (SCC), STIG benchmarks, open-source tools such as Vulnerator, and other automated tools to assist with the assessment of security controls and the presentation of security assessment results.

• Develop test procedures for security controls, processes, training materials, and assessment documentation in accordance with DoD and IC cybersecurity policies, directives, and instructions with minimal to no re-work.

Job Qualifications

• Bachelor's degree in IT, IA or related field and 14+ years of related experience with lCD-503, and/or NIST Framework; additional experience may be considered in lieu of degree

• 2+ years of project management experience.

• Adhere to the DoD Information Assurance Workforce Improvement Program requirements, DOD 8570.01-M

• Significant experience and education in information assurance, e.g., accreditation, security testing and evaluation.

• Experience establishing and managing high performing A&A teams, including adapting industry, DOD, and IC standards to create ISC "best practices".

• Experience with DoD, DISA, Navy Network Warfare Command; (NNWC), DoDIIS, and IC tools, systems, and reporting mechanisms and requirements for A&A.

• Up to 10% travel may be required within the National Capital Region.

Current Certification Requirement

• Must have one of the following certifications: CAP, GIAC, GSLC, CISM, CISSP or CASP

Clearance Requirement

• A current DoD Top Secret/SCI Level of clearance

NITESONI

EIO2024

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.