Information Security Governance Specialist

Leidos | Orlando FL 32899 USA | Full Time | Posted: 07/12/2019

Job Description:

Leidos is seeking an Information Security Governance Specialist to join our Corporate Information Security Group in Reston, VA or Orlando, FL.

In this role, you will report directly to the Director of Cybersecurity Governance and work within our Computer Information Security (CIS) department to define and communicate cyber governance and compliance priorities. You will be responsible for providing expert cybersecurity governance and compliance guidance, process improvement, reporting and metrics at the enterprise level. You will also be responsible for defining precise cybersecurity service delivery workflows and processes in the context of ITIL, and for ensuring adherence to the Leidos cybersecurity framework and cybersecurity processes, with continual oversight to ensure Cybersecurity Governance compliance with internal and external regulations, policies and laws on a global scale. This role will also be in charge of analyzing the business model for information security and articulating the interrelations among the organizational design and strategy, people, process and technology elements. This position requires an understanding of the interconnections of governance and Leidos corporate culture, and of enabling and supporting the business while ensuring adherence to information security governance requirements to protect Leidos information and assets. In addition, the role will be responsible for monitoring compliance against requirements, reporting issues and working to identify remediation options/solutions.

  • Ensure adherence to the Leidos Cybersecurity Governance framework and establish processes for continual compliance with internal and external regulations, policies and laws
  • Track progress of adoption, maturity and degree of compliance through governance processes and dashboard metrics/KPIs
  • Create and implement a strategy for cybersecurity governance services and oversight workflows based on the ITIL information security management process framework methodology
  • Perform key cybersecurity maturity assessments and report regularly on key capability maturity activities
  • Ensure completeness of governance controls and documentation
  • Ensure any new controls and processes are integrated into the CIS Governance Framework
  • Lead or participate as needed in cross-functional teams to integrate processes (change, risk management, governance, etc.) in support of CIS Governance and operational aspects of the business
  • Proactively track, challenge and drive to closure all Cybersecurity-owned issues (e.g. audit findings) and maintain oversight
  • Define and communicate cybersecurity governance and compliance priorities
  • Establish and maintain regular written and in-person communications pertinent to cybersecurity governance and security activities
  • Help develop, maintain, evaluate and implement policies and procedures in line with both business requirements and national and international legislative changes
  • Work with Line, Cyber and IT personnel to ensure awareness and alignment of ongoing industry and best practice compliance obligations.

  • Bachelor's degree in Information Systems or a related field and a minimum of 8 years of Cybersecurity or Information Security related experience. Additional years of relevant experience and/or professional certifications will be considered in lieu of a Bachelor's degree.
  • Demonstrated knowledge of and operational understanding of ITIL (v4) Foundation and Information Security Management concepts
  • Demonstrated knowledge and operational understanding of cybersecurity laws and regulations in both the U.S. and abroad impacting data protection and the confidentiality, integrity and availability of systems and data, including NIST Cybersecurity Framework (CSF), NIST Special Publication 800-171 (DFARS), NIST Special Publication 800-53, ISO 27001, GDPR, etc.
  • Excellent oral and written communication skills with an ability to translate security and operational controls or gaps into residual risk and identify mitigations
  • Strategic mindset and demonstrated ability to understand leadership's long-term visions and articulate them in the development of near-term plans to achieve strategic goals
  • Strong interpersonal skills and professionalism to foster collaboration on resolution of compliance gaps and issues
  • Ability to build strong partnerships and relationships with organizational entities outside of CIS
  • Strong understanding, experience and knowledge of DevOps and DevSecOps concepts
  • Experience with activities including system security plans, contingency plans, incident response plans, configuration management plans, security control requirements and assessments, Plan of Action and Milestones (POA&M), and training requirements consistent with common frameworks, e.g., NIST
  • US citizenship is required, along with the ability to obtain a security clearance

  • Certification(s): Information Technology Infrastructure Library (ITIL) v4 Foundation Certification and Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA), or Federal Information Technology Specialist Manager or Auditor (FITSP-M or A)


Job Details

Location: Orlando, FL, 32899, United States
Categories: Information Technology

Contact Information

How to apply: Employer provided a link where your application will be accepted.
Job Code: 4231844