IV&V Junior Analyst

The mission of the DHS Chief Information Security Officer Directorate (DHS CISOD) is to support the Department’s implementation of all applicable regulatory requirements including the Federal Information Security Modernization Act of 2014 (FISMA), relevant Office of Management and Budget (OMB) Circulars, Executive Orders, Federal laws, directives, policies, and regulations. The DHS CISOD’s mission is to also provide the Department of Homeland Security (DHS) a secure and trusted computing environment. The DHS CISOD assists in ensuring Department compliance with information security requirements. Information security is an essential business function, critical to enabling DHS to conduct its operations and deliver service to the public.

Leidos has a critical need for a an IV&V Junior Analyst to ensure DHS-wide compliance relating to federal information security laws, regulations, mandates, and standards by providing the resources and guidance necessary to support Components in strategic decision-making processes for managing security and risk postures within a collaborative environment.

Primary Responsibilities:

• Support CISOD in performing IV&V testing over Component V&V of remediated IT controls. This includes: reviewing and performing analysis of Component V&V (performing a compliance check to ensure that controls tested by component are adequate), communicating results to the Component, tracking V&V packages, to include CISOD and OCFO signatures indicating completion, and providing updates to be included in monthly IT audit report(s). To provide Components to continue working to remediate their deficiencies, CISOD is committed to a 7-day turnaround for all submitted Component V&V packages.

  • Assist in reviewing component IT commitment letters and providing comments.

  • Monitor and report on testing/passing status against the component IT commitment letters.

  • For administration- create a process for selecting QA items for both assessments and remediation, create/update a checklist/process for QA of assessments and remediation, create responsibilities, accountabilities, consulted and informed (RACI) chart, develop Traceability Matrix, incorporate enhancements, design CFO designated system review/checklist to be completed for Assessments and

  •  Authorizations, enhance SSPs to incorporate guidance, GRC system updates, and finalize and publish standard guidance documents.

• Assist in performing Security Authorization Reviews. Evaluate each Component’s CFO- designated and other ancillary System Security Plans (i.e., SP) in order to determine if all CIC controls or components otherwise noted by DHS OCFO have been documented in their entirety. The analysis requires the assessor to determine if the documentation includes the appropriate type of control, each applicable layer of the system, and note any valuable observations. Additionally, developing measurable data that can be communicated to high-levels of management to make the information easily digestible

Primary Qualifications:

• Must be able to obtain a DHS Security Clearance.

• Bachelor’s degree with 4 or more years’ experience in a related field; additional years of related work experience may be considered in lieu of degree

• Experience with DHS, DoDIIS, and IC tools, systems, and reporting mechanisms/requirements for IV&V.

• Ensure compliance with DHS Standards and procedures.

• Good familiarity with and understanding of all relevant government and agency policies and procedures to ensure system documentation is compliance with relevant guidelines, e.g., FedRAMP, RMF, FISMA, FIPS-II, NIST, etc.

• U.S. Citizenship is required.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.