FreshRemote.Work

Information System Security Manager (ISSM)

6314 Remote/Teleworker US

The Leidos Health and Civil Sector is seeking an Information System Security Manager (ISSM) who is interested in working in a fast-paced environment to establish a robust security posture for a government information system for a new federal agency.  The successful candidate will provide oversight and enforcement of Cyber Security policies and procedures to maintain a holistic security approach for the lifecycle of the system.  The ISSM will report directly to the agency Chief Information Security Officer (CISO).  The ISSM will serve as the Subject Matter Expert (SME) as part of the Security Team and technical domain. In addition, the role requires oversight of a Cybersecurity Team and ensures their compliance with established information security requirements.

This position is remote (In the US) with up to 10% travel.

Candidates MUST:

Be currently located in the United States for the current three consecutive years and have the ability to obtain a Public Trust Clearance.

Other skills and responsibilities include, but are not limited to:

  • Hands-on experience enforcing information protection policies in an unclassified environment.
  • Proficient with a major cloud services platform, i.e., GCP, Azure, AWS, SaaS applications, etc.
  • Documents compliance activities in accordance with the governing authority approved authorization package.
  • Develop, implement, and enforce Information Security Policies and Procedures.
  • Evaluates proposed changes or additions to the information system and advises senior site leadership of the security relevance.
  • Participates in internal/external security audits/inspections; performs risk assessments and Continuous Monitoring.
  • Ensure proper protection and / or corrective measures have been taken when an incident or vulnerability has been discovered.
  • Develops and implements an effective system security education, training, and awareness program.
  • Maintains a working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
  • Performing risk assessments and documenting results in a RAR and keeping the risk assessment current throughout the acquisition/development portion of the system life cycle.
  • Certifying to the AO, in writing, that the requirements and implementation procedures listed within the security plan are in accordance with the NISPOM, NIST SP 800-53, etc.
  • Maintains the system in accordance with the security plan and Authorization to Operate (ATO).

Required Qualifications

  • Bachelor's Degree, and minimum ten (10) years of experience.
  • Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP)
  • Detailed understanding of the Risk Management Framework (RMF), NIST, ICD, and CNSS standards.
  • 3 years’ experience as an ISSM or 5 years’ experience as a Sr. ISSO.
  • Experienced in one or more cloud computing services and technologies including but not limited to: AWS, Microsoft Azure, Google Cloud to assist in the preparation of management plans and reports.

Desired Certification

  • Cloud certification is a plus

hhsnih

Original Posting Date:

2024-11-25

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $122,200.00 - $220,900.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Apply

Job Profile

Regions

North America

Countries

United States

Restrictions

Ability to obtain a public trust clearance Ability to obtain public trust clearance Located in the United States for the current three consecutive years Must be located in the US for 3 years Remote/Teleworker US

Benefits/Perks

Fast-paced environment Hands-on experience Public trust clearance Training Trust Up to 10% travel

Tasks
  • Conduct risk assessments
  • Develop
  • Development
  • Develop security training programs
  • Document compliance activities
  • Documenting
  • Enforce security policies
  • Implement
  • Maintain
  • Oversee cybersecurity team
  • Participate in security audits
  • Risk Assessment
  • Risk Management
Skills

Acquisition Assessment AWS Azure Business CISM CISSP Cloud Cloud Computing Cloud Services Compensation Compliance Cyber Cybersecurity Cyber Security Data Education GCP Google Google Cloud Implementation Incident Response Information security Information Systems Security Leadership Management Microsoft Microsoft Azure Monitoring NIST NIST SP 800-53 Public Trust Clearance Risk Assessment Risk assessments Risk Management Risk Management Framework RMF SaaS Security Security audits Security measures Security policies Security posture Technical Training Training and awareness Writing

Experience

10 years

Education

AS Bachelor Bachelor's Bachelor's degree Business Cyber security Degree Information Security Information Systems Security Technical

Certifications

AWS Certified Information Security Manager Certified information systems security professional CISM CISSP Microsoft azure NIST Public Trust Public Trust clearance SP

Timezones

America/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9