Information Systems Security Manager (ISSM)

About The Position

Requirements

• US Citizen with at least a Top Secret clearance and the ability to obtain a SCI prior to your start date. In addition the ability to maintain your clearance during your employment with Leidos.
• Bachelor’s Degree with 8+ years of experience or Master’s degree with 6+ years of experience. Additional experience may be considered in lieu of a degree.
• CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or similar cybersecurity certification.
• In-depth knowledge of DoD cybersecurity policies, frameworks, and compliance standards (e.g., NIST 800-53, RMF, FISMA, ICD 503).
• Experience with system security engineering, risk management, and vulnerability assessments.
• Strong understanding of cloud security, network security, security controls, and common cybersecurity tools (e.g., firewalls, IDS/IPS, SIEM, endpoint protection).
• Ability to work independently and collaborate effectively with cross-functional teams.
• Strong communication skills, including the ability to create and present detailed security reports to stakeholders.

Nice To Haves

• Experience with Cloud Virtual Enclave (VE) approvals
• Familiarity with cloud security practices and systems, particularly in a hybrid or government cloud environment.
• Experience in managing security for complex DoD programs or mission-critical systems.
• Experience with security tools for vulnerability scanning, penetration testing, and security auditing.
• Advanced security certifications (e.g., CISA, CEH, or CompTIA Security+).
• Experience with configuration management and change management processes in a secure environment.

Responsibilities

• Act as a Subject Matter Expert guiding and assisting teams through different phases of network connection processes from initial request to sustained network operations.
• Facilitate approval process for Authorization to Operate (ATO), Authority to Extend (ATE), Authorization to Connect (ATC), and Interconnection Security Agreement (ISA), working with the customer and stakeholders to receive SCA/AO endorsement.
• Develop, implement, and maintain security policies, procedures, and documentation to ensure compliance with DoD security standards and regulations (e.g., NIST, RMF, FISMA).
• Oversee the security posture of DoD information systems, ensuring they meet cybersecurity requirements for confidentiality, integrity, and availability.
• Perform risk assessments, vulnerability assessments, and security audits to identify system vulnerabilities and provide remediation strategies.
• Manage and conduct continuous monitoring of security controls, ensuring the protection of classified and unclassified data.
• Coordinate with cross-functional teams (engineering, IT, operations) to implement and enforce security protocols and best practices.
• Ensure the accreditation process for DoD systems (e.g., RMF accreditation) is completed and maintained in compliance with all applicable requirements.
• Act as the primary point of contact for security-related issues, coordinating incident response and reporting to senior management and government customers.
• Provide security training and awareness programs for personnel involved in the operation of DoD systems.
• Maintain and track security documentation, including system security plans (SSPs), risk assessments, and Plan of Actions & Milestones (POA&Ms).
• Stay current with emerging cybersecurity threats, vulnerabilities, and trends to ensure the program adapts to evolving security challenges.