Leidos is seeking a Sr. Information Assurance Policy and Compliance Lead in Huntsville, AL.
Technical Subject Matter Expert for cyber security in the area of identifying, developing, implementing, and continuous monitoring of information technology hardware and software secure configurations within an enterprise architecture construct. Directly interact and support ACE-IT CIRT, NOC, SOC, and Engineering proponents to validate that DoD, Army, and DISA mandated IA guidelines are integrated into the ACE-IT architecture on the principles of Defense in Depth as well as continuous sustainment of real-time risk management and vulnerability assessment. Regular tasking would include but not be limited to secure baseline validation, vulnerability and threat assessment, and security model architecture and design validation, enforcement of cyber policy and standards, and internal auditing for cyber security compliance.
• Support SA, VMSA, and NA Vulnerability Remediation Efforts by assisting in the gathering of remediation guidance from internal reporting, Vendors, US Cybercom, CERT, etc.
• Provide ACAS scan and configuration support to ACE-IT Government, VMSA, SA, and NA personnel to support vulnerability remediation efforts
• Ensure that IAVA Metric Reporting Data is Filtered Correctly for ACE-IT Managed Systems
• Capture high vulnerability density count systems and disposition for remediation
• Provide Team leadership and SME reach-back support to the VMSAG to ensure that 1% or less of ACE-IT systems are highly vulnerable week over week
• Support SCCM Client Health Remediation activities
• Direct VMSA to drive lingering individual IAV compliance as well as STIG compliance to >=95%
• Other cybersecurity assignments as directed
• Perform DISA SCAP scans for STIG compliance verification
• Identify and report cyber threat surface and risk mitigation postures
8+ years of overall relevant experience required:
- Cyber security, Information Assurance/Information System Security Engineering
- Defense in Depth principles and technology including access/control, authorization, Identification and authentication, public key infrastructure, network, and enterprise security architecture
- DISA STIG and SRR compliance test and verification
- ACAS/SCAP vulnerability scanning, Penetration testing, network forensics, and auditing
- DoD and Army Information Security regulations, publications, and policy
- Applying security risk assessment methodology to system development and existing IT infrastructure, including threat model development, vulnerability assessments, and resulting security risk analysis
Required Education: Bachelor’s degree from accredited university/college in Computer Science/Information Technology or related field.
Must possess current/active Top Secret clearance.
Desired Certifications: CISSP, CCNA, CCDA, CISA
Leidos is a global science and technology solutions leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems Global Solutions business (IS GS). For more information, visit www.Leidos.com. The company’s diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an Equal Opportunity Employer.