The Government Health and Safety Solutions Group is currently hiring a Security Manager to support a large healthcare contract in Baltimore.
Responsible for maintaining computer and information security incident, damage and threat assessment programs. Duties include investigating computer and information security incidents to determine extent of compromise to information and automated information systems, providing computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments, researching and maintaining proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption. In addition, duties may include designing, developing or recommending integrated system solutions ensuring proprietary/confidential data and systems are protected, participating with the client in the strategic design process to translate security and business requirements into technical designs, and configuring and validating secure systems, testing security products/systems to detect computer and information security weakness.
- The security manager is responsible for the security authorization package that contains three core documents: the system security plan, security assessment report, and plan of action and milestones—and any additional supporting information required by the HHS authorizing official.
- The candidate will be responsible for the security design, development, and testing of java based application architectures in a fast paced development environment.
- Responsible for developing and managing Information Systems cyber security, including disaster recovery, database protection and software development.
- Manages IT security analysts to ensure that all applications are functional and secure.
- Develops and delivers IT security standards, best practices, architecture and system to ensure information system security across the enterprise.
- Implements procedures and methods for auditing and addressing non-compliance to information security standards.
- Responsible for migrating non-compliant environments to compliant environments.
- Establish end to end process flow and user acceptance criteria, collaborating with datacenter, business and technical teams, analyze data input and output conditions, analyze impacts to the system under discussion and also any dependent systems.
- Work under general task direction of program manager.
- Solicit feedback on his/her work for accuracy and completeness from senior team members.
- Directly liaise with federal customers and advise on the security functions that are within the sphere of responsibility and scope.
- Lead Security team meetings and report status and follow-up of action items that are assigned
- Hold others accountable for deliverables that are due to them in order for them to meet their work deadlines and complete their assignments.
Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education, with 8-12 years of professional experience, or 6-10 years of professional experience with a related Master’s degree. Generally has 4+ years of experience supervising or leading teams or projects. Experience may be substituted in lieu of degree.
Responsibility for security evaluations to ensure compliance with standards and relevance with industry security norms. Ensures that project/department milestones are met and adhering to approved security controls. Ensure that System Security Plans are updated, reviewed, and delivered to the customer. Responsible for maintaining the security assessment report (SAR) which includes security control assessment results, including any issues, weaknesses and deficiencies, and recommendations. Responsible for the Re-Authority to Operate (ATO) process with the HHS/ACF Authorizing Official. Responsible for analyzing security problems with existing systems or developing requirements for the new systems, and providing recommendations on overall system solution.
Working knowledge of distributed application environments, preferably good understanding of the J2EE architecture. The web based application architectures include web applications, web services, micro services, and database operations. Experience should include familiarity with standard lifecycle processes and tools, and working within a team environment. Experience in the development of test cases and security test execution. Applicant must demonstrate the ability to work independently or under only general direction. Excellent oral and written communication skills, strong teamwork, ability to multi-task and a strong commitment to client service.
External Referral Bonus:Eligible
Potential for Telework:Yes, 50%
Clearance Level Required:Public Trust
Scheduled Weekly Hours:40
Job Family:Cyber Management
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 38,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.