Leidos is a leader in the integration and application of information technology, engineering, and science to solve our customers' most demanding challenges. We deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We are seeking a CISO for our Washington, DC or Aiken, SC locations, contingent upon award. The CISO will be responsible for managing operations and infrastructure as described below for a large federal program.
Basic CISO functions involve staffing and managing a 24x7 Security Operations Center (SOC), ISSO team and security engineers. Must have experience running a security team at an enterprise level with proven ability to successfully acquire authorize to operate (ATOs) with various National Security Systems (NSS). The CISO will have both a technical understanding of security technologies and Governmental security policies stemming from NIST 800-53 Rev 4 policies along with understanding how to deploy security controls to all aspects of a DOE environment. The CISO candidate will also understand fundamental SOC frameworks such as the Cyber Kill Chain, Mitre’s ATT&CK and how a SOC team can apply these concepts operationally. The CISO must stay abreast of the latest security trends and tools such as SEIM, IDS, IPS, DevSecOps, Zero Trust Architecture, Insider Threats, Cloud providers.
MUST POSSESS AN ACTIVE DOE Q or TOP SECRET CLEARANCE TO BE CONSIDERED
The CISO will:
Coordinate, integrate, train and enforce all aspects of the site’s information security program focused on cybersecurity, National Security Systems, and the Enterprise Security Operations Center
Oversee and ensure Cyber requirements are integrated into all site-wide information technology acquisitions
Represent SRS in internal forums, and inter-organizational and governmental forums
Provide a full range of strategic management and leadership skills to present ideas to both technical and non-technical audiences at all levels
Provide oversight for cybersecurity related incidents within the organization and its government and contract partners that are processing and/or holding sensitive data
Work in partnership with other managers in the development, implementation and operation of a Security Operations Center (SOC)
Maintain timely and effective communication with stakeholders to resolve cyber security issues (to include development and maintenance of employee cyber security training)
Plan, prioritize, and coordinate assignments of cyber staff to projects
Propose and provide input into architecture efforts that can be implemented to enhance detection, analysis, containment and response
Manage compliance activities to support the contractor assurance program (i.e. patching and mitigation actions to resolve vulnerability scans)
Establish cyber metrics to gauge program effectiveness and perform internal audits and assessments
Establish policies and procedures to ensure appropriate cyber controls and monitoring are in place to ensure the confidentiality, integrity, and availability of information
Support the CIO and other cyber security personnel to ensure implementation of the cyber security program remains in compliance with DOE and NIST requirements
Work cooperatively with external parties to help improve the SRS cyber program and security capabilities
Plan, prepare, and devise work plans that ensure cyber efforts are conducted within approved budget and schedule parameters while implementing project management processes
Monitor performance, ensure performance standards remain high, and document that risk management goals are accomplished
Maintain a strong understanding of mission needs and use cases so that risk management and cyber operations activities effectively support the SRS mission and program direction while managing risk in a balanced manner
Support responsibility for coordination of external cyber security audits and assessments
Ensures all systems have an approved Authority to Operate (ATO) from NPO
Ability to be on-site, at SRS, Monday-Friday during core business hours to support operational and management activities for cyber security
Job may require on call support in the event of an operational or cyber security incident
Must be able to travel to off-site locations to support DOE requirements
Required Education and Experience: Bachelor's degree in Engineering and 10- 12 years' relevant experience. Demonstrated experience as a senior leader supporting a cybersecurity program is required. Must have and maintain any of the following Certifications: CISSP, CISM, OSCP, CISO.
Must possess an active DOE Q or TS/SCI clearance.
External Referral Bonus:Ineligible
Potential for Telework:No
Clearance Level Required:DOE Q
Travel:Yes, 25% of the time
Scheduled Weekly Hours:40
Job Family:Cyber Management
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 38,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.