Information System Security Specialist

Description

The Digital Modernization Sector at Leidos is currently pursuing a new opportunity that has openings for Information System Security Specialist to work in Multiple Locations. This is an exciting opportunity to use your experience helping the U.S. Special Operations Command (USSOCOM) Enterprise Development, Application, and Training (EDAT) mission. In this mission we are focused on providing innovative, data-driven solutions and

enterprise architecture enhancements to enable seamless operations across USSOCOM's global network. The program emphasizes rapid development and deployment of technologies to enhance the mobility and readiness of

Special Operations Forces (SOF) in both combat and non-combat scenarios. Key tasks include program management, application development, training support, and technology integration to maintain USSOCOM's operational edge. The

EDAT program underscores agility and adaptability, ensuring SOF professionals have access to the information and tools they need to meet evolving mission requirements.

These positions will be onsite. Candidates need to be located near Tampa, FL, San Diego, CA, or Fayetteville, NC to

be considered.

Primary Responsibilities:

• Support the development, implementation, and maintenance of the EDAT program's information system

• security policies and procedures, ensuring compliance with DoD and USSOCOM security requirements.

• Assist in preparing, reviewing, and maintaining Authorization and Accreditation (A&A) documentation, adhering to the Risk Management Framework (RMF) and NIST 800-53 controls.

• Design, implement, and maintain secure system architectures, including cloud-based and on-premise environments, with adherence to DISA STIGs, Zero Trust (ZT) principles, and DoD cybersecurity standards.

• Conduct vulnerability assessments, penetration testing, and risk analysis to identify and mitigate security threats across USSOCOM systems.

• Monitor and analyze system activity to detect, report, and respond to security incidents and events.

• Provide incident management support, including root cause analysis, corrective actions, and reporting to senior leadership.

• Implement and manage Public Key Infrastructure (PKI), Identity and Credential Management (ICAM), Attribute-Based Access Control (ABAC), and Role-Based Access Control (RBAC) systems to secure data and user access.

• Ensure compliance with USSOCOM data classification and protection requirements, including implementing Data Loss Prevention (DLP) measures.

• Collaborate with cross-functional teams, including system engineers, developers, and program management, to integrate security into all program activities.

• Provide training and mentorship to teams and stakeholders on cybersecurity best practices, policies, and tools.

• Conduct regular audits, assessments, and reviews to ensure systems comply with security standards and contractual obligations.

• Prepare and present security status reports, metrics, and risk assessments to leadership and stakeholders.

Basic Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Additional training and experience may be considered in lieu of degree.

• The following relevant cybersecurity certifications may be required: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or CompTIA Advanced Security Practitioner (CASP ).

• Proficiency in implementing and managing security controls aligned with RMF, NIST 800-53, and DISA STIG standards.

• Experience with security tools and technologies, such as vulnerability scanners (e.g., Nessus, Qualys), SIEM platforms, and endpoint protection solutions.

• 4-7 years of experience in information system security roles, including responsibilities as an ISSM, ISSO, or ISSE.

• Strong understanding of secure system design, implementation, and maintenance in DoD environments.

• Must possess a Top Secret clearance

Preferred Qualifications:

• Master's degree in Cybersecurity, Information Technology, Computer Science, or a related field.

• Technical certifications, such as GIAC Security Essentials (GSEC) or Certified Information Systems Auditor (CISA), are advantageous.

• Experience implementing Zero Trust (ZT) principles and secure cloud solutions in operational environments.

• Expertise in advanced security frameworks, such as PKI, ICAM, ABAC, and RBAC, to enhance system protection and data sovereignty.

• Familiarity with USSOCOM's operational environment, the SOF Information Environment (SIE), and associated security requirements.

• Previous experience supporting DoD cybersecurity programs with strict compliance and reporting mandates.

• Proven ability to perform risk assessments, develop mitigation strategies, and implement corrective actions.

• Experience leading or contributing to incident response efforts in high-security environments. * Strong ability to communicate technical security concepts to non-technical stakeholders and leadership.

• Experience working with cross-functional teams to align security initiatives with program goals and objectives.

Please disregard the pay range listed on the posting. Positions will range from entry to experienced and the ranges here do not reflect each of those levels. Salary for each position will be determined by position, years of experience, and fit for the

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.