Information Systems Security Officer

Chantilly VA Leidos


At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainable practices. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. Further, our employees enjoy career enrichment opportunities available through mobility and development, while experiencing rewarding relationships with supportive supervisors and talented colleagues and customers.

We offer a robust benefits package including competitive salaries; 401K Retirement Plan; comprehensive medical, dental and vision coverage; flexible work schedule to allow for life/work balance; tuition reimbursement and more.

Leidos has an immediate opportunity for an Information Assurance Security Officer/Information System Security Officer in Chantilly, VA.

Security Clearance Requirement: This position requires an active Top Secret SCI with polygraph clearance. Only candidates with the correct level of clearance will be considered.

The Information Systems Security Officer (ISSO) provides direct and indirect security engineering support to the execution of the customer’s Information Assurance (IA) Certification and Accreditation (C&A)/Assessment and Authorization (A&A) mission.

The ISSO will be responsible for:

  • Monitor and report on installation, configuration, testing, and administration of systems and capabilities to support the automated scanning, monitoring in support of C&A/A& and ICD-503, NIST 800-53 security controls mappings, reporting of FISMA and reporting of Information Assurance Vulnerability Alerts (IAVA)/Intelligence Community Vulnerability Alerts (ICVA).

  • Monitor and report on integrating and testing features and functions within the A&A Management solution. This includes, but may not be limited to, DoD 8500.2, and NIST 800-53 Security Controls mappings; implementing updates business processes, workflow, and templates; and direct support to the government customer

  • Handle information system Assessment and Authorizations (A&A) as well as Continuous Monitoring (ConMon) tasks.

  • Prepare and maintain information systems Accreditation and Authorization (A&A) packages (BoE – Test Plan, SSP)

  • Collaborate with cross-functional team to implement security controls and measures and provide technical guidance to team members on security-related issues.

  • Conduct Configuration Management (CM) tasks to ensure all associated hardware, software, and security relevant functions are maintained and documented.

  • Review system vulnerability scans, verify implementation of DISA STIG’s, and report any outstanding security relevant risks to the program for mitigation.

Basic Requirements:

  • B.S. in Computer Science, IT or applicable engineering or science field

  • 8 plus years of prior relevant of related experience

  • Active TS/SCI w polygraph is required.

  • Experience with the Risk Management Framework (RMF) and ICD 503 Security Accreditation processes.

  • Experience in development of technical documentation to include artifacts required to support Assessment & Authorization (A&A) under the Risk Management Framework

  • Candidate must demonstrate experience interpreting and applying government security regulations such as NIST, ICD and FISMA. 

  • Knowledge information system security principles.

  • Candidate must be highly organized and self-motivated with excellent documentation skills and the ability to work with minimal supervision.  Candidate should be able to communicate effectively with customers and team members at all levels.

  • Ability to work independently within a schedule and with little direction.

Preferred Qualifications:

  • Experience with security configurations across multiple operating systems in various environments, to include Windows, Linux, utilizing Active Directory/Group Policy.

  • Experienced with various security tools and processes such as Tenable SC, Nessus, Fortify, Xacta, Trellix, Elastic (Kibana)

  • Experience with Cloud Computing Technologies/Amazon Web Services (AWS)

  • STIG compliance and POA&M and vulnerability management

  • Knowledge of the complex environment involving shared IC networks and multiple security enclaves

  • Knowledge of CMDB and Service+

Original Posting Date:


While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $101,400.00 – $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

To apply for this job please visit