Security Operations Lead

Description

Leidos Health Mission Solutions is seeking an experienced Security Operations Lead, contingent upon contract award, to support a highly visible Technology (IT) services effort at the Health Human & Human Services (HHS) in Rockville, MD.

This position is contingent upon contract award.

Candidate must be a US Citizen with the ability to obtain a Public Trust Clearance and have lived in the US for the past 3 consecutive years.

The Security Operations Lead will have responsibility for all Information Assurance, Security Policies, Continuity and Disaster Recovery. The candidate will serve as a section lead in a team environment that will maintain functionality in accordance with HHS standards. The candidate is expected to work independently and collaboratively in a team environment with good communication and interpersonal skills to work in a customer-focused team environment.

• Direct staff in the execution of security activities to ensure applications and systems meet and/or exceed HHS standards.
• Monitor, collect and review information regarding security issues to identify security issues, mitigate and resolve.
• Lead the identification, evaluation, and recommendation of new security technologies, techniques, and tools.
• Interface with the client in the strategic design process to translate security and business requirements into technical solutions.
• Provide security information with periodicity of daily, monthly, yearly, current period, year-to-date, total by period, and trending over time.
• Monitor, collect and review all security incidents information for reporting ton include intrusions, breakouts and/or corrupted files.
• Alert Operations Management and, upon customer leadership direction, end users of security issues or updates to the applications and systems in use.
• Responsible for providing the artifacts, security policies and procedures demonstrating compliance with the Security Assessment and Authorization requirements.
• Oversee relationships with the key operating system, network device, and application vendors to facilitate the timely release and distribution of information on product security issues and patches.
• Configure and validate secure systems and tests security products and systems to detect security weakness.
• Conduct regular audits to ensure that systems are being operated securely and computer security policies and procedures are being implemented as defined in security plans.
• Support security disciplines associated with Homeland Security Presidential Directive (HSPD-12) related work, such as, Zero Trust Architecture, NIST cyber security standards, NIST SP 800-53 Rev 5 controls, PCI-DSS standards, IPv6, and MFA with identity proofing.
• Execute all security actions necessary to secure the desktop including, but not limited to, deployment of network access control, program control, anti-virus, anti-spyware, anti-malware, data security, and remote access solutions on all end user devices.
• Participate in Security Incident Response Conference Calls with the customer and other contractors in the event of any critical security incidents.

• Bachelor's degree or equivalent in computer science, engineering, cybersecurity, or related field plus eight (8) years of experience with focus on cybersecurity. Additional experience may be substituted in lieu of degree.
• Must be a US citizen.
• Ability to obtain a Public Trust Clearance, and the past 3 consecutive years residency in the US.
• Hands-on experience in roles such as Security Analyst, Incident Responder, or Threat Hunter. This should include practical involvement in monitoring, detecting, and responding to security incidents.
• Hands-on experience managing Cyber Security tools, including Configuration Assessment, Log Aggregation, Integrity Verification, Application Security Testing, Network Access Control System, Network Intrusion prevention systems, and Endpoint Security Solutions.
• Experience with Security incident response & contingency planning and supervising a Cybersecurity team within a helpdesk.
• Experience working with Splunk, secure email solutions, End-Point protection solutions, Web Application Firewalls, and other forms of security.
• Broad IT experience covering areas such as networking, systems administration, or general IT support, with a focus on how these areas intersect with security.

• Experience with working at HHS agencies, highly desired.
• Azure Solutions Architect or similar.
• Cybersecurity certifications such as CISSP or CCSP or other similar.