Job Description Leidos has an immediate opportunity for a Information Assurance Security EngineerInformation System Security Engineer in Chantilly, VA. This position requires a candidate with an active TSSCI clearance and the willingness and ability to successfully obtain a polygraph. The Information Assurance Security Engineer (IASE) provides direct security engineering support to the execution of the customer's Information Assurance (IA) Certification and Accreditation (CA)Assessment and Authorization (AA) mission. The IASE will be responsible for Installation, configuration, testing, and administration of systems and capabilities to support the automated scanning, monitoring in support of CAA and ICD-503, NIST 800-53 security controls mappings, reporting of FISMA and reporting of Information Assurance Vulnerability Alerts (IAVA)Intelligence Community Vulnerability Alerts (ICVA). Integrating and testing new features and functions within the AA Management solution. This includes, but may not be limited to, DoD 8500.2, and NIST 800-53 Security Controls mappings implementing updates business processes, workflow, and templates and direct support to the government customer Performing security assessments design reviews and providing guidance on new technologies for the program. New technologies may include, but are not limited to, Cloud technologies, Hardware, Operating System, Web technologies and Databases EDUCATION EXPERIENCE BS in Computer Science, IT or applicable engineering or science field 4 - 8 years of prior relevant experience or Masters with 2 - 6 years of prior relevant experience MINIMUM REQUIREMENTS Active TSSCI clearance with the ability to obtain a polygraph Certifications equivalent to DoD 8570.1M IAT Level II, including Security CE or above, or IAM Level II, including CISM, CISSP, or CAP Certification, or IA SAE II Demonstrated proficiency in developing and implementing a Cybersecurity plan for a new operational system resulting in an ATO andor ATC Knowledge of the DoD Authorization and Accreditation (AA) process and standards as implemented in the NIST Risk Management Framework (RMF) Experience with system and network vulnerability analysis, risk assessment and risk mitigation analysis, security test and evaluation (STE), contingency planning, firewall policy, ports, and protocols 8 years of Security Engineering experience with DIACAP, ICD-503, andor NIST Risk Management Framework Experience implementing and executing software and security engineering practices as defined by NIST 800-53, ICD-503 Experience with DoD, DISA, and IC tools, systems, reporting mechanisms and requirements for CA DESIRED REQUIREMENTS Experience with Tenable Nessus creating custom scan templates, auditing findings, and recommending remediation steps Familiarity with AWS concepts and cloud-based security best practices Experience in RHEL OS hardening securing systemssoftware IAW IC, DoD, and industry best practices development of security controls, testing methodologies, and procedures for systems, cloud based architectures Experience with SCAP based tools and specifications Experience designing, developing and using host based and network based scanning tools Experience in the areas of systemsoftware design, development, integration, testing, system administration, OM Experience with both Windows and RHEL operating systems "External Referral Eligible" Department Other