Description
Job Description:
The Information Security Manager is responsible for the implementation, management, security, and availability of all Contractor computer equipment and personnel on the Military One Source (MOS) contract. Responsible for Information Assurance (IA) related training, operational procedures, documentation and business processes required to obtain and retain official accreditation of the online resources through full compliance with the DoD Information Assurance Risk Management Framework.
The MOS program provides 5.2 million military members and their families at locations worldwide with services similar to a commercial Employee Assistance Program (EAP), with a broad array of information and referrals as well as counseling services including adoption information, child care, exceptional family member programs, deployment support, disability information, elder care, educational services for adults, children and youth, spouse education and career information, relocation services, pet care, non-medical counseling, financial counseling, tax assistance, health and wellness coaching, housing assistance, legal service referrals, single service member services, lodging, military benefits, relationship support, parenting, spouse relocation and transition, peer-to-peer support, and everyday issues (e.g., locating a plumber, car repair). These services are available 24 hours a day, seven days a week (24/7), through the Internet, by telephone (via 800 number and collect calls), electronic mail (e-mail), postal mail, video counseling, and face-to-face counseling.
The Information Security Manager is REQUIRED to be certified at DoD 8570.01-M IAM Level III.
Primary Responsibilities
Leads efforts to ensure adequate security processes and solutions to mitigate or remediate identified risks sufficiently to meet business objectives, contractual and/or regulatory requirements
Leads incident response activities, ensuring security incidents are properly contained, eradicated, and recovered
Drives development of security policies, standards and plans to ensure the protection of corporate data against unauthorized use, access, modification, and destruction.
Ensures proper security logs are generated and sent to the organization’s Security Information and Event Management (SIEM) system
Researches and implements emerging technologies to enhance the security portfolio
Persistently evaluates adherence with defined policies and standards
Leads efforts with identifying, remediating, and/or mitigating vulnerabilities in the environment, ensuring appropriate response to high risk and aged findings
Leads the development, design, implementation, and maintenance of a secure environment for the MOS Program
Ensures security processes and solutions are protected against a failure or attack that reduces the organization’s ability to respond to security incidents
Ensures processes and solutions are maintained securely and highly available to protect the confidentiality, integrity and availability of assets
Monitors and ensures systems revisions and patches are up to date
Manages and performs changes to the solutions and removes unnecessary services
Understands risks and impact to systems in the corporate environment and their interconnectivity
Performs forensic analysis and risk assessments for the entire environment
Designs and manages enterprise high-availability solutions running a complex arrangement of operating systems, including system updates, log analysis, access controls and backup
Performs changes to the solution configurations to add new services, adapt existing services, and remove unnecessary services
Monitors, remediates, and mitigates security violations for network, devices, servers and other assets
Designs, implements, and maintains security guidelines and a security infrastructure for the MOS program
Develops technical solutions to autonomously verify compliance with required technical controls
Other duties as assigned
Basic Qualifications
Information Security Manager is certified DoD 8570.01-M IAM Level III
Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) (or Associate), GIAC Security Leadership (GSLC), or Certified Chief Information Security Officer (CCISO)
Must be a U.S. citizen
Must speak fluent English
Preferred Qualifications
A Bachelor’s Degree from an accredited college or university in Computer IT, Management Information Systems, Computer Science, or other IT-related field to include course work in information security and program or project management
A minimum of five years of experience in IT involving information security or IT operations
Experience in a military environment
Former Military/Veteran, Military Spouse, or Wounded Warrior
#Remote
Covid Guidance
In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
About Leidos
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.