Compliance Security Lead

6314 Remote/Teleworker US

Leidos has an immediate need for a Compliance Security Lead, contingent upon contract award.

The Compliance Security Lead will lead the implementation and improvement of administrative and technical controls of the Information Security Management System for the program. The selected candidate will create and deploy the corporate governance framework for cybersecurity risk, including identifying risks and awareness, and provide briefings to senior leaders to advise them of critical issues that may affect business or security posture. The candidate will also help conduct security and privacy assessments, and create and execute remediation plans for the findings.

The role will be hybrid. Candidates must be local to the DC Metro area for onsite meetings in Reston, Rockville, Silver Spring or DC.

Candidates must be a US Citizen or US Person (Green Card Holder) with the ability to obtain a level 5 Public Trust Clearance.

Primary Responsibilities

  • Lead projects, define priorities, and articulate tradeoffs as you advocate for continually improving the state of our information security and IT compliance functions
  • Lead, support, and mentor security and compliance teams in secure development practices
  • Act as a security and compliance subject matter expert and resource within the broader organization
  • Develop and lead strategies for the governance, risk and compliance functions across the company that support transformation of the security function
  • Ensure exposure to cybersecurity risks is identified and managed at an acceptable level
  • Maintain a security risk registry with clearly defined owners and timelines for each risk
  • Lead, coordinate, track and report all cybersecurity-related external assessments and internal audits including action plans and responses
  • Lead and deliver security training and awareness programs
  • Drive continuous improvement across all aspects of managing product security vulnerability reports and inquiries, including communicating product security information to customers, among other customer-related issues
  • Build solid working relationships with business stakeholders to maintain and improve product and application security processes
  • Interact with project management team members and vendors on application projects
  • Implement and remediate security weaknesses, audit user system activity, perform security exercises, and coordinate and perform all Authority to Operate (ATO) activities and related documentation requirements

Basic Qualifications

  • BS degree in Computer Science or related technical field and 7 years of prior relevant experience
  • Leadership experience in cybersecurity
  • Ability to obtain a Public Trust Clearance
  • Good understanding of popular application security standards including OWASP Top 10 and SANS Top 25
  • Strong understanding of single sign-on (SSO) and multi-factor authentication (MFA)
  • Knowledge/experience in data protection tools and techniques
  • Knowledge/experience in identity access management tools and common networking protocols
  • Act as a security and compliance subject matter expert and resource within the broader organization
  • Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences
  • Knowledge of NIST security controls and Risk Management Framework, Zero Trust Models and awareness and training programs

Preferred Qualifications

  • Certifications such as CISSP, CISM or CISA are desired
  • Static Code Analysis, DAST Penetration Testing, Intrusion Detection/Prevention, etc.
  • Previous experience in software development and/or cloud infrastructure operations.
  • Cloud Security and/or Networking Professional certification.

Original Posting Date: 2024-10-30

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: $101,400.00 - $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
