Information Systems Security Manager

Leidos is currently seeking an ISSM to join our team in Arlington VA. This position is fully on-site and requires an active TS/SCI for consideration.

The Information System Security Manager (ISSM) will work with a team to identify assess and prioritize risks to DISA and DoD mission partners as well as develop risk mitigation strategies to increase the security posture of systems networks programs and data in the face of internal and external threats. This role involves implementing and administering information security policies procedures and technologies as well as supporting the development of creative solutions to complex technical challenges. The ISSM ensures classified and unclassified systems assets and enclaves possess the necessary security measures to ensure their confidentiality integrity and availability while adhering to DoD DISA and National Institute of Standards and Technology (NIST) approved cybersecurity and Risk Management Framework(RMF) policies standards and guidelines.

Primary Responsibilities:

• Coordinates reviews validates and approves all activities which contribute to the Assessment and Authorization (A&A) of automated information systems.
• Address physical security matters to information assessments security tests and evaluations preparation of Contingency Plans and administration of Life Cycle Management and Configuration Management documentation.
• Conduct cyber situational awareness activities and provide actionable recommendations.
• Assess system vulnerabilities implement risk mitigation strategies and validate secure systems.
• Ensure systems and services are configured in compliance with Risk Management Framework (RMF) STIGs and JSIG Rev 4 standards.
• Implement SOPs and periodically tests recovery procedures to ensure recovery procedures are operational.
• Recommend and implement changes to IT systems in accordance with DoD directives.
• Function as a technical specialist and assess the risk management security and contingency planning programs.
• Implement SOPs and periodically tests recovery procedures to ensure recovery procedures are operational.
• Coordinate development of Systems Security Contingency Plans and Disaster RecoveryProcedures.
• Developandimplement trainingandawarenessprograms to ensure that systems networkand datausersareawareof understandandadhere to systems security policiesand procedures
• Prepare and deliver briefings for senior leadership on cybersecurity strategies and findings.
• Support continuous improvement of monitoring capabilities automation and security enforcing functions

Qualifications:

• Active DoD TS/SCI clearance with eligibility for CI Poly.
• DoDI 8570 IAM Level III/ IAT Level III Certification
• BS and 8-12 years of prior experience addl experience may be considered in lieu of degree
• Knowledge of NIST SP 800-37 CNSSI 1253 FIPS 199 and NIST SP 800-53
• Experience in Risk Management-Experience doing Plan of Actions and Milestones (POA&M) tracking
• Experience creating metrics
• Experience with DOD eMASS and the Risk Management Framework (RMF) accreditation processes
• Knowledge of the DoD Risk Assessment Methodology (DRAM)
• Excellent communication skills with the ability to translate technical concepts for non-technical audiences.
• Expert in creating presentations and presenting policies guidance and procedures regularity

Preferred Qualifications:

• Knowledgeof cloud environments common vulnerabilities and technologies.
• Experience with tools such as ACAS and Splunk.

If youre looking for comfort keep scrolling. At Leidos we outthink outbuild and outpace the status quo because the mission demands it. Were not hiring followers. Were recruiting the ones who disrupt provoke and refuse to fail. Step 10 is ancient history. Were already at step 30 and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.