Information Assurance Compliance Analyst
The Security Analyst, position is responsible for coordination, oversight, execution and enhancement of consistent security practices for all information systems within the United States Antarctic Program (USAP). The Security Analyst will ensure effective information security controls are documented and delivered to safeguard USAP business operations, prevent unauthorized system access, and to protect sensitive information.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Provides support for all security compliance initiatives, such as:
- Evaluates proposed changes to the operational/ business systems and develops system security requirements
Conducts security assessments to determine the effectives of planned and implemented security controls
Conducts Risk Assessments on identified security weaknesses in control implementation
Manages and maintains configuration control over Security Assessment and Authorization (SA&A)
Organizes and facilitates contingency planning exercises
Responds to and manages FISMA audit requests and creation of deliverables
Researches emerging security technologies
Performs systems security evaluations, audits, and server logging reviews to verify secure operations
Conducts continuous security reviews, recommends mitigations and corrective actions, and generates reports
Supports Incident Response activities to mitigate damage, determine impact, and implement corrective actions.
This position delivers analysis and assessment of compliance with security and privacy laws, regulations, guidance, and direction, including the Federal Information Security Management Act (FISMA); National Institute of Standards and Technology (NIST) guidance; Federal Information Processing Standards (FIPS); applicable Office of Management and Budget (OMB) memoranda; and United States Antarctic Program (USAP) policies and instructions.
CERTIFICATIONS AND/OR LICENSING REQUIREMENTS: Current Information Security certification (i.e. CompTIA Security+ SANS or DoD equivalent (IAT Level 3))
TRAINING: Training will be provided to the selected candidate
TRAVEL: If needed, travel to Antarctica for 3 to 5 weeks in any given year.
EDUCATION: Associate degree from an accredited college in Computer Information Systems, or related field; Technical Diploma or equivalent experience/combined education, with a minimum of 3 years of professional experience
DESIRED EXPERIENCE: Some experience in system vulnerability assessments and developing security assessment and authorization packages to include: System Security Plans (SSP), Plan of Action & Milestones (POA&M), Security Assessment Reports and Acceptance of Residual Risk documents. It is desired that the candidate have some experience with Federal Information Security Management Act (FISMA) requirements and National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). Experience should include security policy development, security education, application vulnerability assessments, risk analysis and compliance testing. Knowledge of NIST information security standards, rules and regulations related to information security and data confidentiality and desktop, server, application, database, network security principles for risk identification and analysis. Strong analytical and problem solving skills. Excellent communication (oral, written, presentation), interpersonal and consultative skills.
Leidos is a global science and technology solutions leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. The company’s diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an Equal Opportunity Employer.