Job #: R-00005045_35928252067_0
Location: Orlando, FL
Category: Cyber Security
Schedule (FT/PT): Full time
Travel Required: Yes, 10% of the time
Shift: Day
Potential for Telework: Yes
Clearance Required: None
Referral Eligibility: Eligible
Group: Corporate

Job Description:

Leidos is seeking an Information Security Governance Principal to join our Corporate Information Security Group. This position can be supported from Gaithersburg - MD, Reston - VA, or Orlando - FL with occasional telework arrangements at supervisor's discretion.

In this role, you will report directly to the Director of Cybersecurity Governance and work within our Computer Information Security (CIS) department to define and communicate cyber governance and compliance priorities. You will provide expert guidance on Cybersecurity governance and compliance, along with process improvement, reporting and metrics, at the enterprise level. You will also establish and implement a framework and process for continual oversight to ensure Cybersecurity Governance compliance with internal and external regulations, policies and laws on a global scale. In addition, you will monitor compliance against requirements, report issues and work to identify remediation options/solutions.


- Implement the Leidos Cybersecurity Governance framework and process for continual compliance with internal and external regulations, policies and laws

- Track progress of adoption, maturity and degree of compliance through governance processes and dashboard metrics/KPIs

- Ensure completeness of governance controls and documentation

- Ensure any new controls and processes are integrated into the CIS Governance Framework

- Lead or participate as needed in cross-functional teams to integrate processes (change, risk management, governance, etc.) in support of CIS Governance and operational aspects of the business

- Proactively track, challenge and drive to closure all Cybersecurity owned issues (e.g. audit findings) and maintain oversight

- Define and communicate Cybersecurity governance and compliance priorities

- Establish and maintain regular written and in-person communications pertinent to Cybersecurity governance and security activities

- Help develop, maintain, evaluate and implement policies and procedures in line with both business requirements and national and international legislative changes

- Work with Line, Cyber and IT personnel to ensure awareness and alignment of ongoing industry and best practice compliance obligations.


- Bachelor's degree in Information Systems or a related field and minimum 8 years of Cybersecurity or Information Security related experience. Additional years of relevant experience and / or professional certifications will be considered in lieu of Bachelor's degree.

- Demonstrated knowledge and operational understanding of Cybersecurity Laws and regulations in both the U.S. and abroad impacting data protection and the confidentiality, integrity and availability of systems and data including NIST Cybersecurity Framework (CSF), NIST Special Publication 800-171 (DFARS), NIST Special Publication 800-53, ISO 27001, GDPR, etc.

- Excellent oral and written communication skills with an ability to translate security and operational controls or gaps into residual risk and identify mitigations.

- Strategic mindset and demonstrated ability to understand leadership's long-term vision and translate it into near-term plans to achieve strategic goals.

- Strong interpersonal skills and professionalism to foster collaboration on resolution of compliance gaps and issues.

- Ability to build strong partnerships and relationships with organizational entities outside of CIS.

- Strong understanding, experience and knowledge of DevOps and DevSecOps concepts.

- Experience with activities to include system security plans, contingency plans, incident response plans, configuration management plans, security control requirements and assessments, Plan of Action and Milestones (POA&M), and training requirements consistent with common frameworks e.g., NIST.

- US citizenship and the ability to obtain a security clearance are required.


- Certification(s): Certified Information Systems Security Professional (CISSP), and/or Certified Information Systems Auditor (CISA), or Certified Information Privacy Professional (CIPP), or Federal Information Technology Specialist (FITSP)


Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 31,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.17 billion for the fiscal year ended December 29, 2017. (NYSE: LDOS) All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
