Leidos is a Fortune 500™ company aimed at embracing and solving some of the world’s most pressing challenges. Through science and technology, Leidos makes the world safer, healthier and more efficient.
Our Civil Group offers an array of exciting career opportunities for the best IT, energy, logistics and engineering professionals. Driven by our talented workforce, the Integrated Missions Operation builds trust through an array of energy-related IT, environmental science and engineering solutions to meet our customers’ needs.
- Large Infrastructure
- Mission Support
- Digital Modernization
- Command & Control
- Mission Applications
- Environmental Science
- Nuclear Security
- Engineering Services
Leidos is looking for an Information System Security Manger (ISSM) to support a large opportunity for Leidos supporting operations for Integrated Information & Cyber Security Services including Enterprise Operations, End User Support, Software Engineering and Cyber Security. The ISSM is responsible for the management and technical administration of the Cyber Security Program in accordance with internal and external security requirements. The ISSM will oversee day-to-day information system security operations, resolve complex problems, and develop innovative solution to meet changing security requirements. The ISSM will serve as the Subject Matter Expert (SME) within the Information Assurance technical domain. Ability to work independently as well as with a team of analysts, information technology management and staff, and site management. The ideal candidate will be adaptable to diverse office situations, procedures and demands.
Responsible for the following tasks:
- Develops and leads Information Security projects from conceptualization to full deployment and user acceptance
- Manages staff to deliver Cyber Operations, Cyber process improvements, and Cyber project execution
• Continuous monitoring, analysis, and response to Information System network and security events.
• Documents compliance activities in accordance with the governing authority approved authorization package.
• Develop procedures and documentation to ensure compliance with Configuration Management (CM) for security relevant IS software, hardware, and firmware.
• Ensures systems are operated, maintained, and disposed of in accordance the governing authority approved authorization package and customer directives.
• Evaluates proposed changes or additions to the information system and advises senior site leadership of the security relevance.
• Develop and conduct security IS education and training.
• Mentor other engineers in the art of cybersecurity and secure software development practices
• Participates in internal/external security audits/inspections; performs risk assessments and Continuous Monitoring.
• Lead investigations of computer security violations and incidents, reporting as necessary to both the Facility Security and Senior Program Managers.
• Ensure proper protection and/or corrective measures have been taken when an incident or vulnerability has been discovered
• Working with the Facility Security Officer (FSO) develop, implements and manage a formal Information Security/Information Systems Security Program.
• Develop, implement and enforce Information Security Policies and Procedures.
• Author, review and update IS Authorization documentation (Body of Evidence) to support IS Assessment and Authorization activities
• Ability to acquire and maintain U.S. Department of Energy Q clearance
• U. S. Citizen
• Bachelor’s degree in an IT related subject matter area from an accredited college or university and seven years of experience in an IT related position with at least five years being in an operational cyber security specific role (e.g., information system security manager, information system security officer, cyber security specialist) or have ten years of experience in an IT related position with at least seven of those years in an operational cyber security specific role.
• At least 5 years IT Team leadership and management experience, preferably 3 years Cyber management experience
- Detailed understanding of the Risk Management Framework (RMF), National Institute of Standards and Technology (NIST) and Committee on National Security Systems (CNSS) cyber security requirements and guidance, cyber security related risk management techniques
• Familiarity with network technologies (LAN & WAN) and best practices within a classified environment to include crypto and key management
• Working knowledge with Microsoft Windows operating systems (workstation & server), Linux, and system virtualization (multiple hypervisors) in a secure network environment.
• Experience with compliance scanning tools and vulnerability scanning tools (e.g., Tenable)
• Must be able to work in a constantly changing regulatory environment with short, mid and long term timelines for remediating any non-compliance
• Must be able to work well within a team environment and able to adapt quickly to change
• Excellent verbal and written communication skills
• Possess a Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), or similar professional certification.
• Past or current ISSM/ISSO experience
• Extensive experience working with external audit teams
• Periodic travel to KY/OH
• DOE or DOD IS knowledge and experience
• Security hardening scripting/automation experience
• Microsoft OS Certification (MCSE Win 7 or other)
• Linux certification (RHCSA, CompTIA Linux, LCFS/LCFE, etc.)
• Knowledge of waterfall and agile development processes and DevOps tools such as Azure
We value and support the well-being and mobility of our employees with competitive benefit packages, complementary e-learning training, work-life flexibility, an exciting External Referral Program, and a diverse, inclusive and ethical work place. In fact, in 2020, Leidos was ranked as one of the “World's Most Ethical Companies” by the Ethisphere Institute for the third consecutive year.
Please note that effective October 1, to enter Leidos facilities in the U.S. and to attend Leidos business events outside of our facilities, employees, vendors, subcontractors, and visitors will be required to be vaccinated or maintain proof of a weekly negative COVID-19 test. In addition, we are receiving guidance from the Department of Energy, that onsite contractor personnel will need to be fully vaccinated . If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible.
In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.