Information Systems Security Manager

Description

The Dynetics-Leidos group has an opening for an Information Systems Security Manager to work in our San Diego, CA office. The ISSM is responsible for the management and technical administration of  SIPRNET (Secret Internet Protocol Router Network) secure communication infrastructure within the organization. The ISSM will serve as the Subject Matter Expert (SME) within the Information Assurance technical domain and, more specifically, for organizational SIPRNET (Secret Internet Protocol Router Network) enclaves across the enterprise. The ISSM will oversee day-to-day information system security operations, resolve complex problems, and develop innovative solutions to meet changing security requirements. Ability to work independently as well as with a team of analysts, information technology management and staff, and site management.  The ideal candidate will be adaptable to diverse office situations, procedures, and demands.

Primary Responsibilities

This role may include a combination of duties to protect information and maintain security controls for an entire system, site, or program in order to reduce risk.

• Oversee and manage SIPRNet services across multiple sites and advise senior site leadership of established security policies and guidelines.

• Coordinate and participate in security audits and assessments to ensure that site SIPRNET infrastructure meets the required security standards and complies with regulations.

• Lead sites in establishing and sustaining the cybersecurity of SIPRNet enclave connections.

• Coordinate SIPRNet connections for sites per the guidance outlined in the Defense Information System Network Connection Process Guide.

• Ensure SIPRNet systems are configured and sustained per the DoD, U.S. Cyber Command, and JFHQ-DODIN guidance.

• Provide training and awareness on security protocols, best practices, and Command Cyber Readiness Inspection preparation for organizational and site leadership.

• Conduct site CCRI self-assessments for all SIPRNet sites within the organization.

• Develops and leads Information Security projects from conceptualization to full deployment and user acceptance.

• Create comprehensive training programs focused on information assurance, data security, cybersecurity best practices, and relevant policies and procedures.

• Design training materials, including manuals, operating procedures, presentations, assign online courses, and other resources.

• Coordinate technical training on security tools, software, and technologies used within the organization to enhance the skills of IT staff and other relevant personnel.

• Develop and lead training on how to respond to security incidents, including reporting procedures, containment, eradication, recovery, and post-incident analysis.

• Develop and maintain a comprehensive onboarding plan for new hires, outlining the orientation process, training schedules, and integration into the team and company culture.

• Develop and implement a robust tracking system to monitor the progress and completion of IA staff training programs, ensuring accurate and timely recording of training milestones, assessments, and certifications.

• Implement and manage the Risk Management Framework (RMF) Continuous Monitoring process by utilizing an automated ticketing system, ensuring accurate tracking, monitoring, and reporting of security controls, vulnerabilities, and remediation efforts within the organization's information systems.

• Manages staff to deliver Cyber Operations, Cyber process improvements, and Cyber project execution.

• Continuous monitoring, analysis, and response to Information System network and security events.

• Documents compliance activities in accordance with the governing authority-approved authorization package.

• Develop procedures and documentation to ensure compliance with Configuration Management (CM) for security-relevant Information System (IS) software, hardware, and firmware.

• Ensures systems are operated, maintained, and disposed of in accordance with the governing authority-approved authorization package and customer directives.

• Evaluate proposed changes or additions to the information system and advise senior site leadership of the security relevance.

• Develop and conduct cybersecurity education and training.

Mentor other information assurance professionals in the art of cybersecurity and secure software development practices

• Participates in internal/external security audits/assessments/inspections; participates in the risk management process; performs risk assessments and Continuous Monitoring

• Leads investigations of computer security violations and incidents, reporting as necessary to both the Facility Security and Senior Program Managers.

• Ensure proper protection and/or corrective measures have been taken when an incident or vulnerability has been discovered

• Working with the Facility Security Officer (FSO), develop, implement, and manage a formal Information Security/Information Systems Security Program.

• Develop, implement, and enforce Information Security Policies and Procedures.

• Author, review, and update IS Authorization documentation (Body of Evidence) to support IS Assessment and Authorization activities

Basic Qualifications

• An active DoD Secret clearance is required for consideration.

• Bachelor’s degree in an IT-related subject matter area from an accredited college or university and 12+ years of experience in an IT-related position with at least 10 years being in an operational cyber security-specific role (e.g., information system security manager, information system security officer, cyber security specialist) or have 15+ years of experience in an IT related position with at least 10 of those years in an operational cyber security specific role.

• At least 12 years of IT Team leadership and management experience, preferably 10 years of Cyber management experience.

• Detailed understanding of the Risk Management Framework (RMF), National Institute of Standards and Technology (NIST), and Committee on National Security Systems (CNSS) cyber security requirements and guidance, cybersecurity-related risk management techniques.

• Familiarity with network technologies (LAN & WAN) and best practices within a classified environment, including crypto and key management.

• Working knowledge of Microsoft Windows (workstation & server) and Linux operating systems in a secure network environment.

• Experience with compliance scanning tools and vulnerability scanning tools (e.g., Tenable).

• Must be able to work in a constantly changing regulatory environment with short-, mid-and long-term timelines for remediating any non-compliance.

• Must be able to work well within a team environment and adapt quickly to change.

• Excellent verbal and written communication skills.

• DoD 8570 IAM Level I certified.

• Past or current ISSM/ISSO experience.

• Extensive experience with Secret Internet Protocol Router Network (SIPRNet) enclaves and governing policies.

Preferred Qualifications

• Current DoD Top Secret clearance

• Proficient in using Microsoft Windows and Linux operating systems and cloud computing.

• Experience with developing policies, procedures, and guidance to include providing artifacts for the RMF process.

Pay Range:

Pay Range $118,300.00 – $213,850.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

To apply for this job please visit itjobpro.com.