Information System Security Officer

Description

Are you ready to make an impact?

Leidos is seeking a highly motivated Information Systems Security Officer (ISSO) to join our growing cybersecurity team supporting critical defense and intelligence missions. This position is responsible for implementing, maintaining, and enhancing system security programs, procedures, and controls in accordance with DoD directives and cybersecurity best practices.

Location: All work will be performed on-site in Omaha, NE. Due to the nature of the environment, this position does not allow for hybrid or telework option.

Your best work is ahead!

In this role, you will play a vital role in performing security assessments, authorizations, and continuous monitoring activities, while ensuring compliance with NIST 800-53A and RMF frameworks. You will work closely with key stakeholders, including ISSMs, ISOs, and system owners, to safeguard information systems, address vulnerabilities, and maintain a strong cybersecurity posture across complex IT environments.

• Perform ISSO duties in accordance with NIST 800-53A and RMF guidelines, ensuring alignment with government and corporate security directives.
• Conduct and support risk and vulnerability assessments for Windows and Linux-based systems.
• Lead and participate in Assessment and Authorization (A&A) efforts, including documentation of System Security Plans (SSPs), Risk Assessment Reports (RARs), POA&Ms, and other A&A artifacts.
• Analyze, interpret, and apply federal cybersecurity guidance to meet mission needs.
• Conduct security audits, evaluations, and reviews to identify and remediate compliance gaps.
• Develop, implement, and maintain cybersecurity policies, procedures, and continuous monitoring activities.
• Support remediation of non-compliance findings within short, mid, and long-term timelines.
• Communicate system security postures through reporting mechanisms and advise stakeholders on all cybersecurity matters.
• Document security deficiencies and develop actionable mitigation strategies.
• Educate system users and promote awareness of security policies and procedures.
• Interface with tools such as Tenable Nessus, SCAP, Graylog, and eMASS to support vulnerability management and compliance tracking.
• Provide incident response and support root cause analysis and recovery efforts.
• Provide mentoring and guidance to less experienced team members.

• Bachelor's degree and 4-8 years of cybersecurity experience, or equivalent combination of education and experience (additional years may be considered in lieu of a degree).
• Active DoD Secret clearance with eligibility for TS/SCI.
• DoD 8570 IAT Level II certification (e.g., Security+ CE, GSEC, SSCP).
• Demonstrated experience with NIST 800-53A, RMF, and DoD STIG compliance.
• Familiarity with cybersecurity risk assessments and vulnerability scanning tools (e.g., Tenable Nessus, SCAP).
• Working knowledge of security control implementation, monitoring, and documentation.
• Experience with A&A tools such as eMASS.
• Strong analytical, verbal, and written communication skills, with the ability to document complex technical findings and convey them to both technical and non-technical audiences.
• Ability to work in dynamic environments and manage multiple priorities effectively.

• Active TS/SCI clearance.
• Experience using Atlassian tools (JIRA, Confluence, Bitbucket).
• Familiarity with security incident response and contingency planning.
• Experience with continuous monitoring.
• Strong desire to learn new technologies and enhance security operations.