Leidos has a career opening for a Cybersecurity Program Analyst in Fort Meade, Maryland.
Job Summary/Primary responsibilities:
-Expert knowledge of industry/commercial best practices concerning cybersecurity and information systems security.
-Proven experience with the application, assessment, and validation of DOD 8510.01 Risk Management Framework and assessment processes as they apply to information security and accreditation packages.
-Proven experience in validating compliance of controls with understanding of how Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) checks align with RMF security controls.
-Experience in developing cybersecurity enterprise policies and procedures to support RMF security control requirements.
-Expert knowledge of advanced IT principles, concepts, methods, standards, and practices to interpret cybersecurity policies, procedures, and strategies for the enterprise.
-Knowledge of or experience with Windows-based workstations and servers (Windows 7/10 workstations, Server 2008/2012/2016)
-Knowledge of or experience with non-Windows-based workstations and servers (Unix/Linux-based operating systems, Mac)
-Knowledge of or experience with virtual machine environments
-Knowledge of or experience with network administration technologies, network architecture, and communication protocols (e.g. firewalls, VPN, routers, switches, etc.)
-Knowledge of or experience with System Development Life Cycle
-Knowledge of or experience with Wireless technology
-Knowledge of or experience with Cloud technology
-Knowledge of or experience with applications and web security policies
-Knowledge of or experience with domain structures, user authentication, data encryption, access audits and end-user security best practices
-Knowledge of or experience with Information Assurance Vulnerability Management (IAVM) program, Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS) and Continuous Monitoring and Risk Scoring (CMRS) systems
-Knowledge of or experience with DOD FedRAMP Certification Services
-Bachelor's degree in related technical field and twelve to fifteen years of experience with DoD Ports, Protocols, and Services Management (PPSM) and DoD Whitelist Registration.
-Excellent written and oral communication skills. Ability to discuss identified risks with executive leadership.
-Strong attention to detail and ability to assist customers, management, Information System Security Officers (ISSOs)/Information System Security Managers (ISSMs) in all aspects of the DOD accreditation process. Demonstrated hands-on experience in maintaining an Authority-To-Operate (ATO) following the DOD Risk Management Framework (RMF) for DOD NIPRNet and/or SIPRNet networks.
-Demonstrated hands-on experience in maintaining an Authority To Operate (ATO) following the DOD Information Assurance Certification and Accreditation Process (DIACAP) and supporting the transition from DIACAP to the RMF process.
-Demonstrated hands-on experience performing DOD RMF Assessment and Authorization (A&A) with Enterprise Mission Assurance Support System (eMASS) for validation, updates, and package submission.
-Demonstrated hands-on experience managing RMF security control baselines, inheritable controls, hybrid controls
-Demonstrated hands-on experience developing, maintaining, and validating DOD Plan of Actions and Milestones (POA&M)
-Experience performing computer systems security risk analysis and assessments
-Demonstrated hands-on experience implementing and validating Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
-Demonstrated hands-on experience using DISA Security Readiness Reviews (SRR) and SCAP Tools
-Experience reading and interpreting network topology drawings
-All candidates must be U.S. Citizens and possess an active Secret Government security clearance.
-External referral eligible.
-Security+ CE