Senior Information Assurance Security Analyst
Posted on: February 21, 2021
Leidos is a Fortune 500 company aimed at embracing and solving some
of the world's most pressing challenges. Through science and
technology, Leidos makes the world safer, healthier and more
Our Civil Group offers an array of exciting career opportunities
for the best IT, energy, logistics and engineering
Leidos in support of the United States Antarctic Program (USAP),
currently has an opening for a Senior Information Assurance
Security Analyst in Centennial, Colorado.
The Senior Information Assurance Security Analyst is a senior
member of the Leidos - Antarctic Support Contract (ASC) Information
Security (InfoSec) team responsible for applying cybersecurity
principles and best practices to proactively protect and maintain
the confidentiality, integrity, and availability of USAP data,
information systems, and enterprise network. Personnel in this
position must have an elevated level of trust, with access to
sensitive and private information, which must be handled with
integrity and respect in accordance with USAP policies and
The Senior Information Assurance Security Analyst will be
responsible for coordination, oversight, execution and enhancement
of consistent security practices for all information systems within
the USAP. The Senior Information Assurance Security Analyst will
apply the NIST Risk Management Framework (RMF) to ensure effective
information security controls are documented and delivered to
safeguard USAP business operations, prevent unauthorized system
access, and to protect sensitive information.
This position leads analysis and assessment of compliance with
security and privacy laws, regulations, guidance, and direction,
including the Federal Information Security Management Act (FISMA);
National Institute of Standards and Technology (NIST) guidance;
Federal Information Processing Standards (FIPS); applicable Office
of Management and Budget (OMB) memoranda; National Science
Foundation (NSF); and United States Antarctic Program (USAP)
policies and instructions.
Provides leadership and support for all security compliance
initiatives, such as:
- Leads annual plan to identify, document and update applicable
security controls in the System Security Plan in accordance with
NIST SP 800-53 rev 5, Security and Privacy Controls for Federal
Information Systems and Organizations, and NIST SP 800-37, Risk
- Ensures configuration control over Security Assessment and
Authorization (SA&A) and Certification & Accreditation
- Manages and coordinates both external Office of Inspector
General (OIG) and internal Security Controls Assessment (SCA)
audits, and creation and delivery of audit artifacts.
- Coordinates with Security Engineers, IT Operations teams and
customers to develop and maintain the Plan of Actions and
Milestones (POA&M), Acceptance of Risk (AOR) and other required
security documentation, processes, and procedures.
- Conducts and documents security assessments to determine the
effectiveness and compliance of planned and implemented security
- Performs systems security evaluations, audits, and server
logging reviews to verify secure operations and recommends
mitigations and corrective actions.
- Organizes and facilitates contingency planning and incident
- Supports Incident Response activities to mitigate damage,
determine impact, document activities, and implement corrective
- Creates, publishes and manages content for the information
security awareness and training program.
- Develops and presents information security reports for
stakeholders, customers and management based on Information
Security operational metrics, security assessments and security
- Evaluates proposed enhancements and changes to the operational
/ business systems, and develops appropriate security
- Develops privacy impact assessments, information categorization
and sensitivity assessments, security test and evaluation
- Bachelor's degree in Cybersecurity and 8 years' relevant
experience. Additional years of experience and relevant
certifications will be considered in lieu of degree.
- Must have experience in system vulnerability assessments and
developing certification and accreditation packages.
- Candidate must have experience with Federal Information
Security Management Act (FISMA) requirements and National Institute
of Standards and Technology (NIST) Risk Management Framework.
- Current Information Security certification(s) (e.g. CISM,
CISSP, CISSO, CISA, Security+).
- Highly knowledgeable in the application of FISMA requirements
such as NIST SP 800-53 rev 5 and NIST SP 800-37 to US Government
- Experience implementing and administering Governance, Risk and
Compliance (GRC) tools.
- Understanding and application of IT Infrastructure Library
- Capable of managing projects within an established project
- Familiar with patch and vulnerability management processes and
tools (e.g. Tenable Nessus).
- Proficient in validating baseline security configurations and
policies (e.g., DISA, CIS Benchmarks).
- Effective at interacting with compliance auditors and managing
delivery of audit artifacts.
- Excellent written and verbal communication skills.
Driven by our
talented workforce, the Integrated Missions Operation builds trust
through an array of energy-related IT, environmental science and
engineering solutions to meet our customers' needs.
Key Programs and/or Capabilities:
- Antarctic Support Contract (ASC)
- Large Infrastructure
- Mission Support
- Digital Modernization
- Command & Control
- Mission Applications
- Energy and Environment
- Engineering Services
Leidos is growing! Connect with us on
LinkedIn and Facebook.
We value and support the well-being and mobility of our employees
with competitive benefit packages, complementary e-learning
training, work-life flexibility, an exciting External Referral
Program, and a diverse, inclusive and ethical workplace. In fact,
in 2020, Leidos was ranked as one of the World's Most Ethical
Companies by the Ethisphere Institute for the third consecutive
External Referral Bonus:
Potential for Telework:
Clearance Level Required:
Yes, 10% of the time
Scheduled Weekly Hours:
Pay Range $91,000.00 - $140,000.00 - $189,000.00
Leidos is a Fortune 500 information technology, engineering, and
science solutions and services leader working to solve the world's
toughest challenges in the defense, intelligence, homeland
security, civil, and health markets. The company's 38,000 employees
support vital missions for government and commercial customers.
Headquartered in Reston, Va., Leidos reported annual revenues of
approximately $11.09 billion for the fiscal year ended January 3,
2020. For more information, visit .
Pay and benefits are fundamental to any career decision. That's why
we craft compensation packages that reflect the importance of the
work we do for our customers. Employment benefits include
competitive compensation, Health and Wellness programs, Income
Protection, Paid Leave and Retirement. More details are available
Leidos will never ask you to provide payment-related information at
any part of the employment application process. And Leidos will
communicate with you only through emails that are sent from a
Leidos.com email address. If you receive an email purporting to be
from Leidos that asks for payment-related information or any other
personal information, please report the email to .
All qualified applicants will receive consideration for employment
without regard to sex, race, ethnicity, age, national origin,
citizenship, religion, physical or mental disability, medical
condition, genetic information, pregnancy, family structure,
marital status, ancestry, domestic partner status, sexual
orientation, gender identity or expression, veteran or military
status, or any other basis prohibited by law. Leidos will also
consider for employment qualified applicants with criminal
histories consistent with relevant laws. - provided by Dice