The Civil Health Operation is seeking a Security/Cyber Manager, contingent upon contract award, in White Oak, MD. There will be occasional travel within the DC Metro area.
The Datacenter Contract supports the Food and Drug Administration (FDA) organizations to provide critical work to safeguard the foods, drugs, devices, biologics, and veterinary products that the Agency regulates. The datacenter supports systems that continue to evolve to meet emerging business needs and to support new mandates and initiatives. It is important to respond to customer needs and issues. The Security Manager position is a highly visible position to ensure the Security/Cyber architecture is sized and structured to provide high availability to meet the service level security agreements for the FDA customer. The Security manager is a Senior Information Assurance Engineering position working with a team of Information Security professionals to design install, administer and monitor a diverse suite of security tools for the FDA datacenter. The Security manager must identify risks, with associated mitigation plans provide a plan for growth of the architecture for future upgrades, and collaborate with peers and other key staff and customers to ensure a reliable and robust Security architecture is established and maintained. The successful candidate will have related Security certifications (example - CISSP) and a minimum of 10 years of related contract experience defining, trouble shooting and managing comparable environments. The person in this position will work directly with the FDA senior leadership team and the Leidos Health Systems program leadership team to ensure success of all aspects of the program including vendor recommendations and solutions, cloud architectures, and other Security support responsibilities in a large scale datacenter environment. This position is contingent upon contract award. Specific roles & responsibilities for the Security Management position include but not limited to the following: • Security architecture and engineering • Engineering change request and security review • Security tool configuration and maintenance • Administration of Agency Log Management System • Security authorization support • Data retention and storage requirements • Continuity of Operations for SOC Network Defense and Monitoring Systems • Proactive vulnerability and compliance scanning • Design Security infrastructure methodologies, patching schedules, processes to ensure a robust and reliable environment. Create solutions for Architect Security information systems for specific projects and present recommendations. • Support the implementation of contemporary Security solutions for the FDA datacenter. • Work alongside the program manager and other datacenter management to determine the technical goals of the program and works with program stakeholders to refine those goals into executable objectives. • Devise plans and drives execution of each phase of the program objectives and innovation projects. • Perform quality control checks, ensuring the effectiveness and reliability of the Security systems, tools, and products. • Evaluate the engineering costs to identify efficiencies and improved ways of delivering service to the customer. • Negotiate with stakeholders (Vendors, Customer, etc.) to generate ideas and clarify specifications. • Delegate tasks as necessary to engineering team and maintains accountability for results. • Build strong professional working relationships with stakeholders to resolves disputes, define technical solutions, and drive positive change within the program. • The ideal candidate may have multiple people supporting them but will be required to work with external stakeholders to achieve program objectives. This would include the issues, risks, dependencies, and making sure action plans are documented and executed accordingly. • Be responsible for working with the customer and external stakeholders (industry leaders, vendors, etc.) to accomplish program goals in which we are dependent on them completing tasks. • This position requires strong written and verbal communication skills, with ability to effectively brief FDA government customers. • Performs technical planning, system integration, verification and validation, cost and risk, and supportability and effectiveness analyzes for total systems across the FDA network supporting security initiatives and ensuring a critical response team is available for immediate responses to address possible security threats and/or breaches. • Assist in the planning and performing of analytical research, design development, and other assignments in conformance with design, engineering and customer specifications. • Must be a self-starter, strong leader, and have the ability to work independently with no supervision. • Some travel ( Minimum Qualifications EDUCATION & EXPERIENCE: Requires a BA/BS or equivalent experience and 10+ years of prior relevant experience or Masters with 8+ years or prior relevant experience. Generally has 4-7+ years of experience supervising or leading teams or projects.
• Experience with Security Datacenter activities and tasks - Datacenter tasks include but are not limited to Security operations, measurements analysis to prevent outages and ensure compliance with negotiated and established service level agreements, Change management for controlled and pre-coordinated changes, and Platforms that span Windows, UNIX, LINUX and cloud technologies. • Demonstrated Security management architecture and leadership skills • Security Management experience with at least 10 years technical management experience • Security certifications such as but not limited to, Cisco Certifications (CCIE, CCNP, etc.) • Deep knowledge of securing Linux and Windows • Experience in cybersecurity, information risk management, or information systems risk assessment • Experience supporting incident management, problem management, and integrating new technologies into these processes. • Experience with typical security platforms including their setup, configuration, management, and monitoring (firewalls, intrusion detection/prevention, anti-malware, Security Information and Event Management (SIEM)) • Experience, implementation of client and server anti-virus software to ensure a pro-active approach to reducing spam, phishing attempts and other external sources of malware that may threaten FDA data or application availability. • Expertise in security scanning software such as Nessus to monitor and pro-actively identify security vulnerabilities that can be mitigated with OS and COTS patching. • Familiarity with Cloud Computing, and Compute/Storage technologies (virtualization). Desired skills: • FDA customer experience and knowledge of their organizational structure • Security forensics expertise • Demonstrated Cloud deployment models and related experience (Private/Public/Hybrid cloud) • AWS, MS Azure, or other cloud technologies and advanced ITIL certifications • Related Certifications such as CAP, CASP, CISA, CISM, Security +, Etc. • Agile development knowledge and framework • Working knowledge of System Security Monitoring tools for management of high availability systems.
Requires US Citizenship with the ability to gain up to a Secret level clearance.