Security Controls Assessor/Assessment and Authorization Specialist

Description

Leidos National Security Sector has a dynamic opportunity for a Security Controls Assessor/Assessment and Authorization Specialist to work at our customer site at the National Maritime Intelligence Center in Suitland, MD (all work is performed on site).

Great News! Program is now offering additional Paid Time Off or a Sign-on Bonus!

The Assessments & Validations Division (N64) executes cybersecurity assessments and provides expertise regarding Navy Intelligence systems/networks in accordance with Federal, DoD, and Intelligence Community (IC) standards. Additionally, N64 develops assessment and validation strategies for Navy Intelligence stakeholders.

As a Security Controls Assessor Representative, our new colleague will assess Navy Sensitive Compartmented Information (SCI) systems in accordance with Naval Intelligence (NAVINTEL) Authorizing Official/Delegated Authorizing Official (AO/DAO) guidance. You will work either independently or as part of a team to achieve critical mission objectives, ensuring smooth operations for the customer and other internal/external agencies.

• Support security assessment activities for complex Navy SCI IT systems, including Cross Domain Solutions and Cloud Environments.
• Perform Laboratory and Operational Security Assessments in accordance with Navy RMF guidance, NIST SP 800-37, NIST SP 800-53, and CNSS 1253.
• Execute assessments for Baseline Change Requests, Interim Authority to Test (IATT), documentation reviews, etc.
• Comprehensively and accurately annotate security assessment results and risk posture in the form of a Security Assessment Report (SAR).
• Research and assess developing technologies that are proposed for use within the Navy Intelligence operational environment.
• Maintain in-depth knowledge of DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs).
• Utilize security tools, such as Xacta, Tenable Nessus/ACAS, Evaluate STIG, eMASSter, STIG Viewer, and other automated tools to evaluate and produce assessment results.
• Develop test procedures and methodologies for assessing security controls.
• Develop assessment processes, training materials, and documentation in accordance with DoD and IC cybersecurity policies, directives, and instructions with minimal to no re-work.

• Bachelor's degree in Information Technology, Cybersecurity, or related field with 10 or more years of Assessment & Authorization (A&A) experience, including implementing and evaluating NIST security controls; additional years of experience required in lieu of a Bachelor's degree.
• Experience as a Security Controls Assessor Representative.
• Significant experience with NIST Cybersecurity Framework and/or risk management within the Intelligence Community.
• 2+ years of project management experience.
• Ability and willingness to adhere to the DoD Information Assurance Workforce Improvement Program requirements, DOD 8570.01-M.
• Experience establishing and managing high performing A&A teams and adapting standards to create "best practices".
• Experience with DoD, DISA, Navy Network Warfare Command (NNWC), DoDIIS, and IC tools, systems, and reporting mechanisms and requirements for A&A.
• Travel Requirement: Up to 25% within the National Capital Region and Worlwide.
• A current Passport.

• Must have to be considered: An IAM Level II or Higher certification (e.g., CompTIA CASP+CE, ISC2 CISSP, etc.)

• A current DoD Top Secret/SCI Level of clearance