Cyber Security Scrum Master - Military veterans preferred

Description

Leidos has an exciting opening for you, as our next Cyber Security Scrum Master, to play a critical role with the release of a state-of-the-art technology stack under the DOMEX Technology Platform (DTP) contract supporting the OSINT Integration Center (OSIC).  This position provides an opportunity to have impact as part of a mission focused, solutions oriented, and adaptive team that values innovation, collaboration, and professional development. 

As the Cyber Security Scrum Master, you will bring your experience as an Agile Scrum Master to facilitate a team of Cyber Security professionals to align the RMF/ATO process with release and sprint planning using SAFe Agile methodology.  In this role, you will accurately evaluate scope and schedule of work, identify release and sprint backlogs, lead daily scrum meetings and demos, and remove obstacles to enable the team to meet deadlines. You will be the champion of your team, conducting regular data-driven retrospectives, and working actively to improve the process and drive team productivity. You will bring your team leadership experience to anticipate project and implementation issues, to proactively support areas that may become a concern, to manage technical debt, and to ensure successful delivery. You will lean on your experience with security technologies and industry best practices while employing effective security solutions. You’ll collaborate closely with ISSEs, ISSOs, ISSMs, software engineers, software developers, system engineers and Government counterparts to perform the full spectrum of cyber security engineering tasks to ensure our systems meet a variety of regulatory compliance frameworks.  You are curious: you ask why, you explore, you are familiar with latest and greatest open-source tools, and always fascinated by what’s possible and what could be better.  You must be self-driven, and feel ownership over the project, team, and process. Most work will be conducted on-site at our client location in Bethesda, MD. Occasionally, some tasks may be performed remotely.

Fun stuff you will do on the job:

• Coach a disciplined, distributed, fast-moving Agile team and program through Agile/Scrum ceremonies
• Perform release and sprint planning
• Assess the Agile maturity of the team and coach the team to contribute to relentless improvement of the overall program
• Remove impediments and coach the team to remove impediments
• Build and maintain a high performing team by improving team dynamics and coaching the team to maximize self-organization
• Facilitate discussion, decision making, and conflict resolution
• Promote proper documentation of the work, partnering with the software development, infrastructure engineering, and systems engineering teams
• Work across stakeholders to ensure effective solutions are delivered 
• Assist with internal and external communication, improve transparency, and radiate information
• Support the systems engineer in managing the team backlog and foster a healthy team dynamic with respect to priorities and scope
• Demonstrate excellent interpersonal, time management, and problem-solving skills
• Perform review and analysis of cybersecurity event logs
• Organize, conduct, and review technical cybersecurity assessments
• Coordinate with security personnel and recommend mitigation strategies
• Identify points of vulnerability and non-compliance with established cybersecurity standards and regulations
• Maintain Authorization to Operate (ATO) records in XACTA system
• Manage and report Plan of Actions and Milestones (POA&M) compliance
• Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content
• Apply system security engineering familiarity in one or more of the following: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off the-shelf and government off-the shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing;

This is you:

• Bachelors degree (technical discipline preferred) and 8+ years of relevant experience
• Active TS security clearance with ability to obtain and maintain a TS/SCI with Polygraph
• Must be a US Citizen
• Certified Scrum Master (CSM) or SAFe Scrum Master (SSM) certification
• Excellent communication, collaboration, and conflict resolution skills
• Experience with SAFe methodology
• Experience with task and ticket management tools such as GitHub
• Proven ability to balance concurrent activities
• Strong knowledge and experience in software development and cybersecurity engineering in an Agile or SAFe environment
• Ability to quickly build rapport and keep a positive and motivated team environment
• Experience establishing a System Security Engineering (SSE) management process to integrate security and privacy controls into complex hardware and software systems
• 1 year of experience developing and reviewing security concept of operations, systems security plans, security risk assessments, contingency plans, configuration management plans
• Experience with XACTA, EMass, or similar tool
• Experience with NIST Special Publications e.g. NIST SP 800-27, 30, 37, 53, 60
• Experience with CNSS publication CNSSI 1253
• Experience with incident response plans, plan of actions and milestones, risk management plans, and vulnerability management plans

You will wow us even more if you have some of these skills:

• At least one DoD 8570.01-M IAT Level II or higher certification e.g., CCNA Security, CySA+, Security+ CE, SSCP, CISSP (or Associate)
• Experience with NIST SP 800-171
• Familiarity with modern development approaches (serverless, containerization, cloud, continuous delivery, micro-services, event based applications)
• Experience with cloud deployment and cloud-based solutions
• Experience supporting DIA/OSIC and/or DTP
• Software development/coding experience with programming languages such as Python, Java, and React, and software development framework tools such as Appian
• Experience configuring, running, and analyzing vulnerability scans
• Experience with DevOpsSec pipelines and tools
• Experience with database systems, search engines, web applications
• Experience in a Linux Red Hat and Centos environments
• Experience with big data applications
• Experience with GitLab and GitHub

#NMECDTP

Original Posting:

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.