Senior Cybersecurity Manager

About The Position

Requirements

• U.S. Citizenship with at least an active DoD Secret clearance and the ability to obtain and maintain a Top Secret clearance.
• Bachelor’s Degree with 12+ years of experience or a Master’s Degree with 10+ years of experience. Additional experience may be considered in lieu of a degree.
• DoD 8140 IASAE III or higher professional cybersecurity certification (aka CISSP or equivalent)
• Strong understanding of networking concepts such as OSI Model, LAN/WAN, IPv4/IPv6, subnetting, VLANs, edge services & point-to-point VPN
• Experience with identity management & authentication tools such as LDAP, SAML, and PKI
• Experience with backup and recovery of on-prem and virtualized IT infrastructure
• Experience with the DoD Risk Management Framework (RMF) including assessment of risks and the managing, interpreting, and updating Plans of Action and Milestones (POA&Ms)
• Familiarity and experience with NIST cybersecurity guidelines including NIST SP 800-53 and SP 800-171
• Familiarity and experience with DoD cybersecurity operations including DoD and USAF instructions/guidelines
• Familiarity and experience with Special Access Program (SAP) cybersecurity and Operational Security (OPSEC) practices

Nice To Haves

• US Citizen with an active DoD Top Secret clearance and the ability to maintain your clearance during your employment with Leidos
• Experience managing cybersecurity teams in a DoD/USAF operational environment
• Experience as an Information Systems Security Officer/Engineer or Manager (ISSO/E or ISSM) for DoD or U.S. Federal Government Information Technology systems
• Experience interpreting system scanning tool outputs/assessments (ACAS/Nessus, SCAP, Fortify, Evaluate STIG, Open RMF, etc.) and determining the optimal means for cybersecurity findings remediation
• Familiarity with code scanning tools for Static Code Analysis, Third Party Code Provenance, Third Party Dependencies, Software Vulnerabilities, Container Health Assessment and Dynamic Code Analysis
• Experience with On-Prem and Cloud (AWS, Azure, Google Cloud, etc.) computing environments
• Experience with DevSecOps, Agile software development, and the SAFe Agile methodology
• Familiarity with log aggregation and SIEM tools such as Splunk, ELK, Grafana, Solar Winds, etc.
• Experience with Docker container and deployment technologies, such as Terraform, Kubernetes, OpenShift, Helm, EKS, AKS, Prisma Cloud, Rancher
• Familiarity with Jenkins CI/CD pipeline code building and tools and gating principles
• An understanding of the hardening of API Gateways and API Endpoints
• Atlassian Tools Suite experience (Bitbucket, Confluence, JIRA)
• Experience in designing and implementing VNet/VLAN ports, protocols and services settings

Responsibilities

• Establishing and maintaining efficient and effective cybersecurity postures for complex IT systems
• Supporting and working in partnership with SEIC-II staff, Air Force Mission Planning government contractor teams, and US Government uniformed & civilian customer management in the effective accomplishment of program objectives.
• Collaborating with diverse parties both within and outside of the SEIC-II and Air Force Mission Planning organizations to influence organizational or operational decisions by government leaders.
• Establishing and enforcing policies & protocols protecting SEIC-II and Air Force Mission Planning digital assets.
• Monitoring and minimizing technical security risks for current and Next-generation Mission Planning systems and operating environments.
• Influencing others to understand and accept new concepts, practices and approaches to securing systems and cybersecurity operations, directing activities having significant impact on achieving program objectives.
• Leading internal cybersecurity team efforts to respond to DoD data calls, recurring cybersecurity scorecard reports, NDAA and other Congressional, Joint Chiefs of Staff, and National Security-based inquiries relative to the cybersecurity posture of currently fielded Mission Planning Environments.
• Leading teams of technical security professionals investigating potential cybercrime or data breaches and mentor personnel in the technical conduct of research, investigations, and reporting products.
• Overseeing investigations to reveal the root cause of problems and issues with complex information systems.
• Periodically reviewing, editing, critiquing, and enhancing the work products of others to help improve their productivity, accuracy, and overall communications.
• Anticipating and proactively pushing for the implementation of future programmatic and cybersecurity needs as soon as such needs can be realistically forecast.