Information Systems Security Manager

Posted:
9/10/2024, 12:53:26 AM

Location(s):
Orlando, Florida, United States ⋅ Florida, United States

Experience Level(s):
Senior

Field(s):
IT & Security

Workplace Type:
On-site

Reporting to the Leidos Program Manager, the Information Systems Security Manager - ISSM will be the lead cyber security person for the program. The position may require travel to sites both CONUS and OCONUS. The ISSM will ensure implementation of security features for the Security Operations Center (SOC) and on-site systems and support analysis for external DoD training systems. The ISSM will also ensure the information systems are compliant to appropriate government guidance. The ISSM supports and upholds the Information Assurance program for Information Systems within the enterprise. The ISSM constructs and implements system information security standards and procedures, ensuring functionality and security of the Information Systems.  The ISSM works with the ISSE and ISSOs to develop documentation and the body of evidence for the authorization packages.

Primary Responsibilities:

  • Lead cybersecurity staff to achieve a high degree of customer satisfaction by achieving and maintaining ATOs and high performance on cybersecurity
  • Support the PM in organizational compliance with Leidos policies and procedures.
  • Oversees Information Assurance and Risk Management Framework (RMF) processes and performs duties as ISSM for the program
  • Monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks
  • Coordinates with personnel on system security compliance and Information System Authority to Operate
  • Ensure Configuration management policies and procedures for authorizing the use of hardware/software on an IS are followed
  • Coordinate Information Security Reviews, Security Inspections, and Tests
  • Assesses system security threats/risks.
  • Validates system security requirements definitions and analysis
  • Assists with assessment and authorization process as needed
  • Tracks and validates security incidents and may be required to investigate, document, report, and provide future protective and corrective measures in response to such incidents
  • Ensure proper measures are taken when a incident or vulnerability is discovered
  • Leads Leadership Briefings on system security compliance and Information System Authority to Operate (ATO) compliance, expiration and actions
  • Implements the Risk Management Framework (RMF) methodology to successfully implement an information technology process which shall effectively protect the element's information assets and its ability to perform its mission
  • Populates and maintains RMF databases (eMASS) with bodies of evidence to support system authorization actions
  • Ensures data stewardship (confidentiality, integrity, and availability) is established for each IS, and specific requirements are enforced

Basic Qualifications:

  • Bachelor’s Degree in STEM discipline preferred, with proven track record of performing technical management of DoD programs 
  • Good Understanding of what is needed to implement modern cyber security, networks, cloud architecture and DevSecOps
  • A minimum of eight (8+) years of relevant experience in information system security management
  • A minimum of two (2) years of team leadership experience, working with distributed organizations and a demonstrated record of leading and managing an organization
  • US Citizen and the ability to obtain a SECRET clearance
  • CompTIA Security+ CE
  • Proven understanding, implementation, and management of RMF and the DOD ATO process
  • Hands-on knowledge and management of packages in the Enterprise Mission Assurance Support Service (eMASS) system
  • Ability to gain internal consensus support; operate independently; conceive new and innovative ideas and solutions; predicting potential outcomes, and determine which alternative course of action to follow
  • Ability to establish positive, constructive relationships with technical and functional staff, managers, and peers within the Operation, Group, and across Leidos organizations
  • Prior experience of collaboration efforts outside the immediate organization
  • Highly effective oral and written communication skills 
  • Hands-on knowledge and use of vulnerability scanning and reporting (e.g., ACAS)

Preferred Qualifications:

  • Certified Information Systems Security Professional (CISSP)
  • Knowledge of innovative industry business models and corresponding “go to market” solutions to aid in further growth
  • Demonstrated experience to effectively engage a diverse workforce of employees and subcontractors for effective and optimized resource utilization
  • DISA Network experience
  • Experience working with cloud computing and infrastructure (AWS, Azure, etc.)
  • Experience with Splunk or Elastic
  • Experience with virtual computing environments
  • Experience with common and uncommon DoD cyber tools

Original Posting Date:

2024-09-10

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $101,400.00 - $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Leidos

Website: https://www.leidos.com/

Headquarter Location: Reston, Virginia, United States

Employee Count: 10001+

Year Founded: 1969

IPO Status: Public

Industries: Computer ⋅ Government ⋅ Information Services ⋅ Information Technology ⋅ National Security ⋅ Software