Leidos Corporate Information Security (CIS) is seeking a strong cybersecurity risk management leader to guide a critical element of the overall governance, risk and compliance program. In this role the successful candidate will direct the completion of cybersecurity risk assessments for technology in use at Leidos using their in depth experience with the risk management framework (NIST 800-37) and the applicable industry standards, regulations, policies and guidelines. An ideal candidate has both risk assessment experience but also cyber security engineering and architecture knowledge so that technology can be risk assessed as part of a larger system. Experience with all elements of cloud delivery (SaaS, IaaS, Paas) and the risks that must be contemplated and mitigated is considered a significant strength as well. This role will also oversee the management of applicable elements of the Leidos Enterprise Risk Management program. This includes the conduct of the CIS Risk Council, oversight on technical risk across the Office of the Chief Information Officer (OCIO) and reporting up through the executive leadership team.
This position is the focal point for cyber risk management at Leidos under the direction of the VP, Cyber Risk Management Executive. The successful candidate will be able to demonstrate an exceptional ability to develop relationships and work collaboratively in a technical environment. Experience engineering and/or architecting cyber or information security solutions in a corporate or client environment considered a significant strength. The ideal candidate will also be able to demonstrate the learning agility required to stay up to date in the fast paced cyber industry.
Requires 8+ years of relevant work experience.
Demonstrable experience leading teams to accomplish cyber security and ideally cyber risk management responsibilities.
Experience overseeing and/or conducting risk assessments utilizing NIST 800-37 or similar methodology.
Understanding of and experience with industry standard compliance models and specifically NIST 800-171 series, RMF and/or NIST 800-53.
Demonstrated experience analyzing typical engineering artifacts (system security plans, data flow diagrams, system architectures, requirements documents) to identify areas of potential risk or shortcomings in risk management approaches
Experience briefing and interacting with senior leadership.
Exceptional oral and written communication
Experience with US or other government contracting environments
Experience with governance, risk and compliance requirements for non-US markets and multinational organizations.
Knowledge of Leidos internal policies, procedures, and corporate systems
Knowledge of regulatory frameworks such as DFARS, NDAA, FedRAMP, along with protected data types such as PI and PHI
Experience with external engagements and public speaking.
External Referral Bonus:Eligible
Potential for Telework:Yes, 100%
Clearance Level Required:None
Travel:Yes, 10% of the time
Scheduled Weekly Hours:40
Job Family:Information Assurance
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.