Information Systems Security Manager

Leidos•Arlington, VA

1d•Onsite

About The Position

Leidos is currently seeking an ISSM to join our team in Arlington, VA. This position is fully on-site and requires an active TS/SCI for consideration. The Information System Security Manager (ISSM) will work with a team to identify, assess, and prioritize risks to DISA and DoD mission partners, as well as develop risk mitigation strategies to increase the security posture of systems, networks, programs, and data in the face of internal and external threats. This role involves implementing and administering information security policies, procedures, and technologies, as well as supporting the development of creative solutions to complex technical challenges. The ISSM ensures classified and unclassified systems, assets, and enclaves possess the necessary security measures to ensure their confidentiality, integrity, and availability while adhering to DoD, DISA, and National Institute of Standards and Technology (NIST) approved cybersecurity and Risk Management Framework (RMF) policies, standards, and guidelines.

Requirements

Active DoD TS/SCI clearance with eligibility for CI Poly.
DoDI 8570 IAM Level III/ IAT Level III Certification
BS and 8-12 years of prior experience, add'l experience may be considered in lieu of degree
Knowledge of NIST SP 800-37, CNSSI 1253, FIPS 199 and NIST SP 800-53
Experience in Risk Management-Experience doing Plan of Actions and Milestones (POA&M) tracking
Experience creating metrics
Experience with DOD eMASS and the Risk Management Framework (RMF) accreditation processes
Knowledge of the DoD Risk Assessment Methodology (DRAM)
Excellent communication skills with the ability to translate technical concepts for non-technical audiences.
Expert in creating presentations and presenting policies, guidance, and procedures regularity

Nice To Haves

Knowledge of cloud environments, common vulnerabilities, and technologies.
Experience with tools such as ACAS, and Splunk.

Responsibilities

Coordinates, reviews, validates, and approves all activities, which contribute to the Assessment and Authorization (A&A) of automated information systems.
Address physical security matters to information assessments, security tests and evaluations, preparation of Contingency Plans, and administration of Life Cycle Management and Configuration Management documentation.
Conduct cyber situational awareness activities and provide actionable recommendations.
Assess system vulnerabilities, implement risk mitigation strategies, and validate secure systems.
Ensure systems and services are configured in compliance with Risk Management Framework (RMF), STIGs, and JSIG Rev 4 standards.
Implement SOPs and periodically tests recovery procedures to ensure recovery procedures are operational.
Recommend and implement changes to IT systems in accordance with DoD directives.
Function as a technical specialist and assess the risk management security and contingency planning programs.
Implement SOPs and periodically tests recovery procedures to ensure recovery procedures are operational.
Coordinate development of Systems Security Contingency Plans and Disaster Recovery Procedures.
Develop and implement training and awareness programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures
Prepare and deliver briefings for senior leadership on cybersecurity strategies and findings.
Support continuous improvement of monitoring capabilities, automation, and security enforcing functions

Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers.
Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement.
More details are available here.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume