Information Systems Security Manager (ISSM)

Posted:
11/14/2024, 4:00:00 PM

Location(s):
Oklahoma, United States ⋅ Oklahoma City, Oklahoma, United States

Experience Level(s):
Senior

Field(s):
IT & Security

Workplace Type:
Hybrid

The Multi Domain Solutions Division at Leidos is looking for an Information Systems Security Manager (ISSM) to support a fast-paced program with the Air Force Life Cycle Management Center. This role involves supporting the delivery of comprehensive IT and support services to ensure mission success while adhering to DoD standards and regulations. The ISSM will oversee the cybersecurity posture of DoD information systems, ensuring compliance with DoD security standards and protecting sensitive data. The ISSM will develop and implement security policies, conduct risk assessments, manage system accreditations (RMF), and lead continuous monitoring efforts. The role requires collaboration with cross-functional teams to enforce security controls and manage incident response. The ISSM will also maintain security documentation and ensure ongoing compliance with applicable regulations. 

Primary Responsibilities:

  • Develop, implement, and maintain security policies, procedures, and documentation to ensure compliance with DoD security standards and regulations (e.g., NIST, RMF, FISMA). 
  • Oversee the security posture of DoD information systems, ensuring they meet cybersecurity requirements for confidentiality, integrity, and availability. 
  • Perform risk assessments, vulnerability assessments, and security audits to identify system vulnerabilities and provide remediation strategies. 
  • Manage and conduct continuous monitoring of security controls, ensuring the protection of classified and unclassified data. 
  • Coordinate with cross-functional teams (engineering, IT, operations) to implement and enforce security protocols and best practices. 
  • Ensure the accreditation process for DoD systems (e.g., RMF accreditation) is completed and maintained in compliance with all applicable requirements. 
  • Act as the primary point of contact for security-related issues, coordinating incident response and reporting to senior management and government customers. 
  • Provide security training and awareness programs for personnel involved in the operation of DoD systems. 
  • Maintain and track security documentation, including system security plans (SSPs), risk assessments, and Plan of Actions & Milestones (POA&Ms). 
  • Stay current with emerging cybersecurity threats, vulnerabilities, and trends to ensure the program adapts to evolving security challenges. 

Basic Qualifications:

  • TS/SCI Clearance 
  • Bachelor’s degree with 8+ years of experience or a Master’s Degree with 6+ years of experience.
  • In-depth knowledge of DoD cybersecurity policies, frameworks, and compliance standards (e.g., NIST 800-53, RMF, FISMA, ICD 503). 
  • Experience with system security engineering, risk management, and vulnerability assessments. 
  • Strong understanding of network security, security controls, and common cybersecurity tools (e.g., firewalls, IDS/IPS, SIEM, endpoint protection). 
  • Active security clearance (e.g., Secret or Top Secret) or the ability to obtain one. 
  • Ability to work independently and collaborate effectively with cross-functional teams. 
  • Strong communication skills, including the ability to create and present detailed security reports to stakeholders. 

Preferred Qualifications:

  • CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or similar cybersecurity certification. 
  • Experience with the Risk Management Framework (RMF) for DoD system accreditations and continuous monitoring processes. 
  • Experience in managing security for complex DoD programs or mission-critical systems. 
  • Familiarity with cloud security practices and systems, particularly in a hybrid or government cloud environment. 
  • Experience with security tools for vulnerability scanning, penetration testing, and security auditing. 
  • Advanced security certifications (e.g., CISA, CEH, or CompTIA Security+). 
  • Experience with configuration management and change management processes in a secure environment. 

Original Posting Date:

2024-11-15

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $101,400.00 - $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.