Information Systems Security Officers (ISSO)

The Health and Civil Sector are actively seeking Information Systems Security Officers (ISSO) with a minimum of ten (10) years’ experience. This opportunity is supporting the customer’s Accreditation and Authorization (A&A) projects at the Group organizational level and is therefore supporting across various levels within the customer organization.

Role requires US Citizen with the ability to obtain a Public Trust level 4 clearance.

MUST be local to the DC Metro area for onsite meetings in Washington, DC as needed

Role will primarily telecommute, onsite requirement may vary.

• Develops, reviews, evaluates, and verifies self‐testing results to validate enclave security requirements for organizational security policies) are met for Cloud technical systems for the government portfolio.
• Perform Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation.
• Evaluation of the assigned information systems’ security control compliance with the federal requirements and the client’s monitoring strategy.
• Management of emerging and defined risks associated with the administration and use of assigned information systems.
• Coordination with the client’s Cybersecurity team to achieve and maintain the information systems’ compliance and authorization to operate (ATO).
• Ensuring systems are operated, maintained, and disposed of in accordance with policies outlined in the approved security authorization package.
• Performing annual assessments to ensure compliance with the client’s policies and standards.
• Serve as a member of the Change Control Board (CCB) to ensure configuration management for Cybersecurity-relevant software, hardware, and firmware is maintained and documented.
• Ensuring information system security requirement are addressed during all phases of information systems lifecycle.
• Work within a team environment to provide technically sound guidance order to adhere to the cybersecurity industry best practices and the client’s monitoring strategy.
• Analyze collected information to identify vulnerabilities and potential for exploitation and effectively present the results and guidance derived from scans to system owners or other leadership, as required.
• Effectively communicate orally and in writing to track and detail the demands, efforts, and shortcomings in meeting the goals of the client’s information system monitoring strategy. 
• Support the integration/testing, operations, and maintenance of systems security. 
• Develops, updates, and maintains internal Standard Operating Procedures for all internal assigned functions. 

• Education, Experience & Skills
  • BA/BS and 12+ years’ experience
  • Previous ISSO experience directly supporting the customer
  • Public, private and hybrid Cloud experience (AWS, Microsoft Azure, etc.)
• Certifications: At least 1 is required
  • CISSP or GSLC certifications
• hhsnih

Original Posting Date:

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.