The Information Security Manager is responsible for the implementation, management, security, and availability of all Contractor computer equipment and personnel on the Military One Source (MOS) contract. The role is also responsible for Information Assurance (IA) related training, operational procedures, documentation and business processes required to obtain and retain official accreditation of the online resources through full compliance with the DoD Information Assurance Risk Management Framework.
The MOS program provides 5.2 million military members and their families at locations worldwide with services similar to a commercial Employee Assistance Program (EAP), offering a broad array of information and referrals as well as counseling services including adoption information, child care, exceptional family member programs, deployment support, disability information, elder care, educational services for adults, children and youth, spouse education and career information, relocation services, pet care, non-medical counseling, financial counseling, tax assistance, health and wellness coaching, housing assistance, legal service referrals, single service member services, lodging, military benefits, relationship support, parenting, spouse relocation and transition, peer-to-peer support, and everyday issues (e.g., locating a plumber, car repair). These services are available 24 hours a day, seven days a week (24/7), through the Internet, by telephone (via 800 number and collect calls), electronic mail (e-mail), postal mail, video counseling, and face-to-face counseling.
The Military One Source job postings are in anticipation of future work.
Leads efforts to ensure adequate security processes and solutions to mitigate or remediate identified risks sufficiently to meet business objectives, contractual and/or regulatory requirements
Leads incident response activities, ensuring security incidents are properly contained, eradicated, and recovered
Drives development of security policies, standards and plans to ensure the protection of corporate data against unauthorized use, access, modification, and destruction.
Ensures proper security logs are generated and sent to the organization’s Security Information and Event Management (SIEM) system
Researches and implements emerging technologies to enhance the security portfolio
Persistently evaluates adherence with defined policies and standards
Leads efforts with identifying, remediating, and/or mitigating vulnerabilities in the environment, ensuring appropriate response to high risk and aged findings
Leads the development, design, implementation, and maintenance of a secure environment for the MOS Program
Ensures security processes and solutions are protected against a failure or attack that reduces the organization’s ability to respond to security incidents
Ensures processes and solutions are maintained securely and highly available to protect the confidentiality, integrity and availability of assets
Monitors and ensures systems revisions and patches are up to date
Manages and performs changes to the solutions and removes unnecessary services
Understands risks and impact to systems in the corporate environment and their interconnectivity
Performs forensic analysis and risk assessments for the entire environment
Designs and manages enterprise high-availability solutions running a complex arrangement of operating systems, including system updates, log analysis, access controls and backup
Performs changes to the solution configurations to add new services, adapt existing services, and remove unnecessary services.
Monitors, remediates, and mitigates security violations for network, devices, servers and other assets
Designs, implements, and maintains security guidelines and a security infrastructure for the MOS program
Develops technical solutions to autonomously verify compliance with required technical controls
Other duties as assigned
A Bachelor’s Degree from an accredited college or university in Computer IT, Management Information Systems, Computer Science, or other IT-related field to include course work in information security and program or project management
A minimum of five years of experience in IT involving information security or IT operations
Certified DoD 8570.01-M IAM Level III is REQUIRED
Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) (or Associate), GIAC Security Leadership (GSLC), or Certified Chief Information Security Officer (CCISO)
Must be a U.S. citizen
Must speak fluent English
Experience in a military environment
Former Military/Veteran, Military Spouse, or Wounded Warrior
Pay Range
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Backup child care
Unconscious bias training
Remote work policy
Part time policy
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 40,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021.