Cybersecurity Authorization Services ISSO

More About the Role:
Leidos is seeking a Cybersecurity Authorization Services (CAS) Information System Security Officer (ISSO) to support the Service Management, Integration, and Transport (SMIT) contract, the largest IT services program for the Navy. Under SMIT, the Leidos team delivers the core backbone of the Navy-Marine Corps Intranet (NMCI), including areas such as cybersecurity services, network operations, service desk, voice & video, messaging & mobility, and data transport. The Leidos team supports the Navy in unifying its shore-based networks and data management to improve capability and service while also striving for cost efficiencies and savings by focusing efforts under one enterprise network. The successful candidate will support the Naval Enterprise Networks (NEN) Development and Baseline Labs.

The ISSO conducts security and risk assessments as required using a range of security accreditation frameworks (e.g., NIST, RMF, Common Criteria, DoD, the Intelligence Community Directives (ICDs)), and works to mitigate risks by applying security controls effectively to achieve an acceptable degree of operational risk. As part of this process, the ISSO performs testing and security assessments to sustain required accreditations. The ISSO promotes the use of secure hardware and software within the systems affected by government and corporate approval standards. The ISSO works to ensure all required security policies and practices are effectively applied to systems and ensures security controls implementing these policies are applied and achieve the proper levels of confidentiality, integrity, availability, and privacy protection throughout the system life cycle.

The ISSO also assists with the execution, analysis, and remediation activities for the vulnerability management program (scanning, assessment, reporting, and mitigation verification) that spans both the Dev and Baseline labs using the Nessus and Tenable-ACAS vulnerability scanning tools.

Primary Responsibilities:
•Assist with the initial effort to obtain and continued sustainment of the NEN Baseline Lab RMF authorization.
•Provide support for implementing and enforcing information systems security policies, standards, and methodologies.
•Assist in the evaluation of security solutions to ensure they meet security requirements for processing multiple types of information.
•Assist with the Configuration Management for information system security software, hardware, and firmware.
•Evaluate security solutions to ensure they meet security requirements for processing information.
•Maintain operational security posture for information systems.
•Work with engineering devops staff to ensure security artifacts are being collected and analyzed in a timely manner.

What You'll Get to Do:
•Obtain and then maintain the Authorization to Operate (ATO) for the NEN Lab.
•Provide support for …