Information Systems Security Manager
San Diego, CA - USA
Job Summary
Leidos Corporate Information Security Office, reporting through the Digital Sector, is seeking an Alternate Information Systems Security Manager (Alt. ISSM) in our San Diego, CA Campus Point office.
In this role, you will oversee several DCSA-approved Collateral Information Systems and maintain accreditation throughout the system lifecycle. You will serve as the Information Assurance (IA) Subject Matter Expert (SME), providing technical leadership and security oversight for collateral enclaves across the enterprise, with demonstrated expertise in SIPRNet environments and requirements. To be successful in this role, you will have a proven track record supporting and leading successful CORA / CCRI inspections, ensuring compliance with DoD, DCSA, and applicable cybersecurity policies and directives. Additionally, you will oversee day-to-day information system security operations; manage collateral IA and IT personnel; resolve complex cybersecurity challenges; and develop innovative solutions to meet evolving security requirements. Ideally, you will demonstrate the ability to successfully work independently and collaboratively with analysts, information technology management and staff, site leadership, and external stakeholders to ensure mission success and regulatory compliance.
Primary Responsibilities
This role may include a combination of duties to protect information and maintain security controls for an entire system, site, or program to reduce risk.
Develop and lead Information Security projects from concept through deployment, implementation, and user acceptance.
Support and maintain SIPRNet environments, ensuring compliance with DoD, NISPOM, DAAG, and organizational cybersecurity requirements through continuous monitoring, risk management, and security operations.
Conduct vulnerability assessments and remediation activities, including STIG implementation, vulnerability analysis, POA&M management, and timely correction of security findings, to maintain system accreditation and compliance.
Conduct vulnerability assessments and remediation efforts, including STIG implementation, vulnerability analysis, POA&M tracking, and timely correction of security findings, to maintain system accreditation and compliance.
Develop and deliver cybersecurity, information assurance, and incident response training programs; create training materials, procedures, and technical instruction to promote security awareness and workforce readiness.
Implement and manage RMF Continuous Monitoring activities, utilizing automated tools and ticketing systems to track security controls, vulnerabilities, corrective actions, and compliance status.
Maintain and update system authorization packages and supporting documentation, including SSPs, CONOPS, POA&Ms, security control evidence, continuous monitoring artifacts, and other Assessment and Authorization (A&A) documentation.
Develop and maintain Configuration Management procedures for security-relevant hardware, software, and firmware; facilitate CCB meetings, assess security impacts of proposed changes, and document approvals and implementation evidence.
Ensure information systems are operated, maintained, and disposed of in accordance with approved authorization packages, customer requirements, and applicable security policies.
Evaluate proposed system changes and advise program and site leadership on security implications, risks, and required mitigations.
Participate in risk management activities, security assessments, audits, and inspections; conduct risk assessments and coordinate corrective actions to address identified findings.
Lead investigations of cybersecurity incidents and security violations, coordinate reporting requirements, and ensure appropriate containment, remediation, recovery, and corrective actions are implemented.
Partner with the Facility Security Officer (FSO) and program leadership to develop, implement, and manage the Information Systems Security Program.
Develop, implement, enforce, and continuously improve information security policies, procedures, and operational practices.
Basic Qualifications
An active DoD Secret clearance is required for consideration; you must also be eligible to obtain Top Secret clearance following hire.
Bachelor's degree in an IT-related subject matter area from an accredited college or university and 8 years of experience in an operational cyber security-specific role (e.g., information system security manager, information system security officer, cyber security specialist), or 12 years of experience in an IT-related position with at least 10 of those years in an operational cyber security-specific role.
At least 8-10 years of IA Cyber management experience.
DoD 8570 IAM Level III certified (CISSP or equivalent)
Experience serving as a SIPRNet SME and supporting successful CORA and/or CCRI inspections in a lead or key contributor role.
Detailed understanding of the Risk Management Framework (RMF), National Institute of Standards and Technology (NIST), and Committee on National Security Systems (CNSS) cyber security requirements and guidance, cybersecurity-related risk management techniques.
Working knowledge in maintaining compliance with National Industrial Security Program Operating Manual (NISPOM) and DCSA Assessment and Authorization Process Manual (DAAPM) / DCSA Assessment and Authorization Guide (DAAG) security requirements for classified information systems.
Familiarity with network technologies (LAN & WAN) and best practices within a classified environment, including crypto and key management.
Working knowledge of Microsoft Windows (workstation & server) and Linux operating systems in a secure network environment.
Experience with compliance and vulnerability scanning tools (e.g., Tenable, Splunk, ACAS, STIG Viewer).
Experience with workflow documentation and configuration/change management tools (e.g., JIRA, Confluence, eMASS).
Must be able to work in a constantly changing regulatory environment with short-, mid-, and long-term timelines for remediating any non-compliance.
Must work well within a team environment and adapt quickly to change.
Excellent verbal and written communication skills.
Preferred Qualifications
Proficient in using Microsoft Windows and Linux operating systems and cloud computing.
Experience with developing policies, procedures, and guidance, including providing artifacts for the RMF process.
Experience using JIRA ticketing and Confluence.
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 and moving faster than anyone else dares.
Original Posting:
June 25, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days, with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $107,900.00 - $195,050.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Required Experience:
Manager
About Company
Leidos is an innovation company rapidly addressing the world's most vexing challenges in national security and health. Our 47,000 employees collaborate to create smarter technology solutions for customers in these critical markets.