Apply on Employer Site

Leidos · 9 hours ago

Senior Information Security Systems Engineer

Mountain View, CA

Full-time

Onsite

Senior Level, Lead/Staff

$108K/yr - $195K/yr

8+ years exp

Leidos is seeking a qualified Senior Information Systems Security Engineer (ISSE) to serve as the cybersecurity contact responsible for ensuring that assigned federal information systems comply with applicable agency security policies and standards. This role involves maintaining and managing the System Security Plan (SSP) and providing technical leadership in system authorization, risk management, and continuous monitoring activities.

ComputerGovernmentInformation ServicesInformation TechnologyNational SecuritySoftware

No H1B

U.S. Citizen Only

Responsibilities

Serve as the principal security advisor to the ISO for assigned information systems within a federal environment, ensuring compliance with NIST SP 800-53, NIST SP 800-37, and agency-specific security requirements

Update and maintain the System Security Plan (SSP), ensuring that control implementations, system descriptions, and security boundaries are accurately documented and kept current

Coordinate with system owners, administrators, and engineering teams to ensure system configurations and operations align with the approved SSP

Lead and manage the Authorization to Operate (ATO) process, including preparation of risk assessments, Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), and continuous monitoring artifacts

Conduct periodic reviews and updates of SSPs and related security documentation to reflect system changes, audit findings, or emerging threats

Oversee the implementation and assessment of security controls in accordance with the NIST RMF

Provide guidance on risk mitigation strategies and assist with remediation efforts following audits or assessments

Lead continuous monitoring efforts, including vulnerability management, incident response coordination, and control effectiveness tracking

Prepare and deliver security status reports, risk summaries, and compliance briefings to senior leadership and agency stakeholders

Mentor junior ISSOs and serve as a subject matter expert in federal cybersecurity compliance and authorization processes

Support annual security plan testing and auditing in collaboration with the Information System Security Officer

Provide configuration and implementation control information to security stakeholders in support of POA&Ms, RBDs, and annual security plan audits

Qualification

System Security Plans (SSPs)Risk Management Framework (RMF)NIST SP 800-53Continuous monitoringAuthorization to Operate (ATO)Security control assessmentsCISSPCISMCISACommunication skillsProblem-solving

Required

Bachelor's degree in computer science, engineering or related field with 8+ years of experience working in computer hardware and software support

Demonstrated experience with System Security Plans (SSPs), Risk Management Framework (RMF) processes, and ATO lifecycle management

Knowledge of NIST SP 800-53, NIST SP 800-37, FIPS 199/200, and other applicable federal cybersecurity standards

Proven experience with continuous monitoring, POA&M management, and security control assessments

Ability to obtain a NASA Public Trust clearance

Apply sound logic and reasoning against troubleshooting difficult issues

Creativity to imagine innovative, effective solutions to problems, as well as manage multiple issues at the same time

Understanding and appropriately responding to feedback is an important aspect of this position

Both oral and written communication skills are vital to relaying important information, training new staff members, and communicating about solutions to complex problems