CyberSecurity Manager (AI/Data Security Specialist KP)

Leidos

22h

About The Position

Join our innovative Medical Telehealth Support Contract team, where you'll play a vital role in delivering cutting-edge remote healthcare services to Military Health System beneficiaries. As part of this dynamic program, you'll collaborate with top professionals to enhance patient care through advanced telehealth technologies and streamlined processes. We're looking for passionate individuals who are ready to make a real impact, ensuring patients receive the best care no matter where they are. With a focus on excellence, security, and innovation, this is your chance to be at the forefront of healthcare's digital transformation. If you're driven by quality and a commitment to patient safety, this opportunity is your next career move. The Cybersecurity and AI Data Security Manager provides strategic and operational leadership for all information systems, cybersecurity, and AI data security activities across the program. This role serves as the primary contractor point of contact for cybersecurity functions and is accountable for compliance with all applicable DoD, DISA, U.S. Cyber Command, and MC&FP cybersecurity directives, including DISA IAVM requirements, STIGs, SRGs, PPSM guidance, and related IT/cyber mandates. The manager oversees the security of computers, networks, systems, and databases for all program tasks and subtasks, leading incident response, vulnerability management, patching, configuration management, disaster recovery, and high-availability solutions to ensure the confidentiality, integrity, and availability of program assets. In addition, this position is responsible for the security and governance of AI systems and data within GNAL-NG, ensuring AI-enabled capabilities adhere to patient safety, accuracy, privacy, HIPAA, and DoD security standards. The Cybersecurity and AI Data Security Manager conducts AI performance and risk audits, drives risk mitigation efforts, and partners with Quality Assurance to embed AI quality and safety controls into operational workflows. The role manages cybersecurity and IT staff; leads the development and implementation of security policies, standards, and technical controls; ensures logging and integration with SIEM platforms; and produces all documentation required to obtain and maintain ATO/ATO-C. Through continuous monitoring, forensic analysis, and adoption of emerging security technologies, the manager ensures that security processes and solutions effectively mitigate risk and meet business, contractual, and regulatory requirements for the program.

Requirements

Bachelors degree and 12+ years of progressive combination of experience in information systems, security/cybersecurity, AI data security including hands-on technical operations.
3+ years of experience in AI or data management in healthcare including healthcare AI ethics, patient safety, and data privacy regulations.
Experience in designing and overseeing AI quality and risk mitigation protocols for healthcare.
Specialized experience in technical integration, security measures, and identifying security risks.
Demonstrated experience working within DoD, federal, or similarly regulated environments.
Experience managing security for complex, distributed IT environments (networks, servers, endpoints, databases, cloud/hybrid).
Experience with Authority to Operate (ATO/ATO-C) processes, RMF (Risk Management Framework), and development of security documentation and evidence.
Experience with disaster recovery, high availability, and business continuity planning (e.g., RTO/RPO objectives).
Experience with AI/ML systems, data security, or governance (e.g., model risk, data privacy, validation) strongly preferred.

Nice To Haves

Veteran/military retiree and/or military spouse.
Experience working with and/or for military communities.
Master’s degree in Cybersecurity, Information Assurance, or related discipline preferred.
Relevant professional certifications strongly preferred (e.g., CISSP, CISM, CISA, CCSP, CASP+, CEH, GIAC, or similar).

Responsibilities

Provide strategic and operational leadership for all information systems, cybersecurity, and AI data security activities across the program.
Serve as the primary contractor point of contact for all cybersecurity and information assurance functions.
Ensure compliance with all applicable DoD and DISA requirements, including DISA IAVM mandates, STIGs, SRGs, PPSM guidance, and directives from the DoD CIO, U.S. Cyber Command, DISA, and MC&FP.
Oversee the design, implementation, and maintenance of secure environments and security architectures, including all tasks and subtasks.
Lead, supervise, and develop cybersecurity and IT staff responsible for security operations, engineering, and compliance activities.
Manage AI systems and data security protocols within GNAL-NG to ensure adherence to patient safety, accuracy, privacy, HIPAA, and DoD security standards.
Conduct regular AI performance and risk audits; oversee AI risk mitigation protocols and collaborate with Quality Assurance to integrate AI quality and safety controls.
Lead efforts to obtain and maintain Authority to Operate (ATO) and ATO with Conditions (ATO-C), including ownership of all required security documentation and evidence.
Develop, implement, and maintain security policies, standards, procedures, and plans to protect corporate and program data.
Oversee incident response activities, ensuring timely containment, eradication, recovery, root cause analysis, and lessons learned for security incidents.
Ensure generation, collection, and transmission of security logs to the Security Information and Event Management (SIEM) system, and oversee continuous security monitoring.
Identify, remediate, and mitigate vulnerabilities across systems, networks, and applications, ensuring timely response to high-risk findings.
Monitor and ensure that system revisions, security patches, and configuration changes are implemented and maintained in a timely manner.
Manage solution configurations by adding new services, adapting existing ones, and removing unnecessary services in alignment with security best practices and PPSM guidance.
Design and manage high-availability and disaster recovery solutions, including RTO objectives, backups, access controls, log analysis, and failover capabilities.
Conduct forensic analysis, risk assessments, and security evaluations of the corporate and program environments.
Monitor, investigate, and remediate security violations across networks, devices, servers, databases, and other assets.
Research, evaluate, and implement emerging security and AI-related technologies to enhance security capabilities and automation.
Develop solutions to autonomously verify compliance with required technical controls and continuously evaluate adherence to defined security policies and standards.
Collaborate with internal and external stakeholders to ensure clear communication, alignment, and direction for maximum cybersecurity and AI data protection efforts.