Information System Security Manager (ISSM)

We are looking for an Information System Security Manager (ISSM)who is interested in working in a fastpaced environment to establish a robust security posture for a government information system for a new federal agency. The successful candidate will provide oversight and enforcement of Cyber Security policies and procedures to maintain a holistic security approach for the lifecycle of the system.

The ISSM will report directly to the agency Chief Information Security Officer (CISO). The ISSM will serve as the Subject Matter Expert (SME) as part of the Security Team and technical domain. In addition the role requires oversight of a Cybersecurity Team and ensures their compliance with established information security requirements.

Candidate MUST:

Be currently located in the United States.

Be US Citizen or US Person (Green Card Holder) with the ability to obtain a level 4 Public Trust Clearance.

This is a hybrid position with up to 10% travel.

Responsibilities:

Other skills and responsibilities include but are not limited to:

• Handson experience enforcing information protection policies in an unclassified environment.

• Proficient with a major cloud services platform i.e. GCP Azure AWS SaaS applications etc.

• Documents compliance activities in accordance with the governing authority approved authorization package.

• Develop implement and enforce Information Security Policies and Procedures.

• Evaluates proposed changes or additions to the information system and advises senior site leadership of the security relevance.

• Participates in internal/external security audits/inspections; performs risk assessments and Continuous Monitoring.

• Ensure proper protection and / or corrective measures have been taken when an incident or vulnerability has been discovered.

• Develops and implements an effective system security education training and awareness program.

• Maintains a working knowledge of system functions security policies technical security safeguards and operational security measures.

• Performing risk assessments and documenting results in a RAR and keeping the risk assessment current throughout the acquisition/development portion of the system life cycle.

• Certifying to the AO in writing that the requirements and implementation procedures listed within the security plan are in accordance with the NISPOM NIST SP 80053 etc.

• Maintains the system in accordance with the security plan and Authorization to Operate (ATO).

Required Qualifications:

• Bachelors Degree and minimum ten (10) years of experience. Additional years of relevant experience in lieu of degree may be considered.

• 5 years of experience supervising or leading teams or projects.

• Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP).

• Detailed understanding of the Risk Management Framework (RMF) NIST ICD and CNSS standards.

• 3 years experience as an ISSM or 5 years experience as a Sr. ISSO.

• Experienced in one or more cloud computing services and technologies including but not limited to: AWS Microsoft Azure Google Cloud to assist in the preparation of management plans and reports.

• Active Public Trust Clearance or Ability to obtain a Public Trust Clearance.

Desired Certification:

• Cloud certification is a plus

Original Posting:

For U.S. Positions: While subject to change based on business needs Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.