Description Job Description:Leidos is seeking a Sr. Cybersecurity Specialist (Policy) to conduct independent verification and validation of computer network system security controls in accordance with published guidelines. The individual should be able to work independently, be self-starting, and also be able to interact and communicate well within a team environment. Position is Bethesda, MD (right over the VA line), and comes with maximum flexibility to create your own schedule. Candidates must currently possess a TS/SCI Polygraph security clearance.Primary ResponsibilitiesCandidate will be part of a team that will individually or as a group be responsible for:
Basic QualificationsBachelor's Degree and 12+ years' experience in information assurance experience with at least 8 years conducting compliance assessments under ICD 503, CNSSI 1253, NIST 800-53, NIST Cyber Security Framework, or a similar framework.Experience leading dozens of compliance assessments.Be familiar with, and capable of, participating on network penetration tests.Must hold, or be able to obtain within 6 months, one of the following certifications: CISSP, GCCC, GNSA, GPEN, GWATP, GPYC.Preferred QualificationsExperience supporting the development, coordination, and review of policies and methodologies introduced or discussed at working groups or technical exchange meetings.Experience conducting assessments in complex IT environments (shared resources, multi-organizational assets, etc.), directed until political multi-faceted situations, and on highly sensitive systems belonging to other organizations.#muellerExternal Referral Bonus:EligibleExternal Referral Bonus $:Potential for Telework:NoClearance Level Required:Top Secret/SCI with PolygraphTravel:Yes, 10% of the timeScheduled Weekly Hours:40Shift:DayRequisition Category:ProfessionalJob Family:Information AssurancePay Range:
- Completing all actions related to the security control assessment of systems using ICD 503, CNSSI 1253, NIST 800-53, NIST Cyber Security Framework or a similar framework approved by the customer to review systems, programs, and other elements to determine compliance.
- Conduct assessments on complex systems using common compliance assessment methodology, tools, and applications to determine adherence to cyber security frameworks.