Information System Security Officer (ISSO) - Senior

Description

As the largest provider of IT services, Leidos develops and sustains large data and technology infrastructures and integrates complex law enforcement IT system for several US federal agencies. At Leidos we offer engaging careers, a collaborative culture, and support for your career goals and growth. This role would be serving a federal law enforcement agency in Clarksburg, WV with remote work possible.

We are seeking a talented and experienced Senior Information Systems Security Officer on our team. The ideal candidate will be responsible for providing leadership and guidance on all aspects of information systems security, ensuring compliance with government standards (NIST, OWASP, etc.), actively participating in Agile environments to integrate security throughout the development lifecycle, and leveraging strong technical experience across networking, system administration, and development, with a solid understanding of CI/CD, virtualization, and software-defined infrastructure. This role will be part of a strategic security leadership team which is part of a larger team that is responsible for establishing and maintaining the organization's overall security strategy and posture.

• Manage and maintain the security posture of assigned information systems throughout their lifecycle.
• Develop, implement, and enforce information system security policies, standards, and procedures in alignment with NIST, OWASP, and other relevant government standards.
• Conduct risk assessments and vulnerability analyses to identify security weaknesses and recommend mitigation strategies.
• Prepare and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports, and Plans of Action and Milestones (POA&Ms).
• Coordinate and support security authorization activities, such as Assessment and Authorization (A&A) or Authority to Operate (ATO) processes.
• Monitor security controls and implement continuous monitoring activities to ensure ongoing compliance.
• Manage and configure security tools and technologies, including security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and vulnerability scanners.
• Collaborate with system administrators, network engineers, and developers to ensure secure system design, implementation, and operation.
• Provide security guidance and support to Agile development teams, integrating security into CI/CD pipelines and development processes.
• Manage and respond to security incidents, coordinating incident response activities and implementing remediation measures.
• Conduct security audits and reviews to evaluate compliance with security policies and procedures.
• Stay up-to-date on the latest cybersecurity threats, vulnerabilities, and best practices.
• Provide security awareness training to users and staff.
• Manage and control changes to information systems, assessing the security impact of changes.
• Oversee the implementation and maintenance of virtualization and software-defined technologies from a security perspective.

• Bachelor's Degree in Software Engineering, Computer Science, Information Systems
• Management, Cyber Security or other related discipline is preferred, or equivalent experience; additional years of experience may be considered in lieu of a degree
• 6+ years of prior relevant experience
• Certified Information Systems Security Professional (CISSP) is required
• Ability to research and learn both independently and as part of a team
• Must have reliable internet access
• Must be a US Citizen to apply

• Familiarity with Agencies Agile ATO process
• Cloud Certification preferred.
• Experience with Cloud Service Providers (CSPs), AWS and Microsoft Azure
• DOD Top Secret Clearance is required.