Information System Security Officer (ISSO) - Senior

ministration, and development, with a solid understanding of CI/CD, virtualization, and software-defined infrastructure. This role will be part of a strategic security leadership team which is part of a larger team that is responsible for establishing and maintaining the organization's overall security strategy and posture.

Primary Responsibilities:

• Manage and maintain the security posture of assigned information systems throughout their lifecycle.

• Develop, implement, and enforce information system security policies, standards, and procedures in alignment with NIST, OWASP, and other relevant government standards.

• Conduct risk assessments and vulnerability analyses to identify security weaknesses and recommend mitigation strategies.

• Prepare and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports, and Plans of Action and Milestones (POA&Ms).

• Coordinate and support security authorization activities, such as Assessment and Authorization (A&A) or Authority to Operate (ATO) processes.

• Monitor security controls and implement continuous monitoring activities to ensure ongoing compliance.

• Manage and configure security tools and technologies, including security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and vulnerability scanners.

• Collaborate with system administrators, network engineers, and developers to ensure secure system design, implementation, and operation.

• Provide security guidance and support to Agile development teams, integrating security into CI/CD pipelines and development processes.

• Manage and respond to security incidents, coordinating incident response activities and implementing remediation measures.

• Conduct security audits and reviews to evaluate compliance with security policies and procedures.

• Stay up-to-date on the latest cybersecurity threats, vulnerabilities, and best practices.

• Provide security awareness training to users and staff.

• Manage and control changes to information systems, assessing the security impact of changes.

• Oversee the implementation and maintenance of virtualization and software-defined technologies from a security perspective.

Basic Qualifications:

• Bachelor's Degree in Software Engineering, Computer Science, Information Systems

• Management, Cyber Security or other related discipline is preferred, or equivalent experience; additional years of experience may be considered in lieu of a degree

• 6+ years of prior relevant experience

• Certified Information Systems Security Professional (CISSP) is required

• Ability to research and learn both independently and as part of a team

• Must have reliable internet access

• Must be a US Citizen to apply

Preferred Qualifications:

• Familiarity with Agencies Agile ATO process

• Cloud Certification preferred.

• Experience with Cloud Service Providers (CSPs), AWS and Microsoft Azure

• DOD Top Secret Clearance is required.

Original Posting:
May 20, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:
Pay Range $104,650.00 - $189,175.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.