CPMO Cybersecurity Manager
Company: Leidos
Location: Arlington
Posted on: May 9, 2022
Job Description:
The Defense Group at Leidos has an
exciting opportunity on our GSM-O II IDIQ contract's Joint Service
Provider (JSP) Cyber Security Task Order in Alexandria, VA. JSP
provides a full range of IT products, services, and solutions and
customer services to the Office of the Secretary of Defense (OSD),
Chairman of the Joint Chiefs of Staff (CJCS) and the Joint Staff
(JS), Director of Administration (DA), Pentagon Force Protection
Agency (PFPA), Washington Headquarters Services (WHS), and other
OSD offices for them to meet mission and business requirements.
Through the JSP Cyber Security program, JSP performs a wide variety
of services and functions required to secure the information
security posture for DoD services. The CPMO Cybersecurity Manager
is responsible for developing processes and procedures to
communicate, report, and distribute cyber direction at the Program
level to all ISSMs, ISSOs, and Information Security Owners within
JSP's IT portfolio, as well as maintain, establish, and monitor RMF
transactions within the JSP Implementation plan, process/review AOR
requests, and ensure compliance with all NIST, DoD, DISA, and JSP
policies and procedures.
Responsibilities include:
- Create Cyber policies and memos outlining cybersecurity
processes and procedures.
- Develop/review data security policies using data security
standards, guidelines, and requirements that include privacy,
authentication, access control, retention, disposal, incident
management, disaster recovery, and configuration.
- Review AOR requests across the program level and ensure control
inheritance is properly applied.
- Ensure all personnel adhere to and ISs are compliant with
DISA's cyber security policy.
- Ensure the implementation of and compliance with DISA's cyber
security policy within their organizations, as defined by the
Authorizing Official.
- Maintain a repository for all directorate and organizational
cyber security-related documentation.
- Monitor compliance with cyber security policy, as appropriate,
and review the results of such monitoring.
- Evaluate the effectiveness of solutions implemented to provide
the required protection of data, including appropriate
authenticator management and encryption controls.
- Identify improvement actions through a POA&M based on
reviews, assessments, and other data sources.
- Manage the CCP access via eMASS
- Audit Removable Media, Data Writes, and Data Write
Authorization groups and approvals annually
- Act in a liaison role to assist embedded ISSOs for
organizational Information Systems throughout the Risk Management
Framework (RMF) process.
- Create Project Management Plans (PMP) for systems, scheduling
and preparing Kick-Off meetings, creating and maintaining
appointment orders in Enterprise Mission Assurance Support
Service (eMASS), and sending escalations when timelines (based on
the PMP) are not being adhered to.
- Support internal and external inspections such as the Command
and Control Readiness Inspections (CCRI) performed by DISA
- Process Removable Media Exemption requests for the user
community.
- Prepare project plans and execute the implementation of RMF for
assigned systems, perform control validation activities, initiate
the Plan of Actions & Milestones (POA&M), and compile
supporting artifacts in eMASS.
- Evaluate the effectiveness of solutions implemented to provide
the required protection of data, including appropriate
authenticator management, encryption controls, and patch and
vulnerability management processes.
- Review strategic IT infrastructure security technologies that
meet operating unit goals and mission.
- Host recurring meetings/working groups with responsible parties
(ISO, ISSM, and PM levels), developing the agenda/topics and
materials, to share, teach, and provide relevant Cyber
information
- Conduct reviews, provide recommendations, and create reports
outlining the baseline and inheritance controls for all JSP
Information Systems
Basic Qualifications:
- Active Secret clearance or higher (program can support up to
TS/SCI)
- DoD 8570 IAM I certification or higher
- Bachelor's degree with 8-12 years of prior experience; additional
experience may be considered in lieu of degree
- Demonstrated knowledge of cyber security policies and technical
cyber security protection measures
- Experience with eMASS management to include implementation and
quality review, auditing of exception groups, inheritance, and
tracking configuration changes
- Proficient with RMF process, NIST SP 800-37, NIST SP 800-53,
CNSSI 1253
- Managing, creating, and tracking timelines and deliverables,
while ensuring processes and procedures are adhered to for a large
number of Information Systems.
- Demonstrates successful track record for delivering
large/complex projects on time and within budget within DoD
organizations;
- Demonstrates knowledge in the planning, development,
coordination, implementation and execution of policies and projects
at an organizational level;
- Creating Metrics and good presentation skills
- Help customers to understand the authorization process, and
update/modify A&A procedures as necessary. Streamline the
process to make it easy to follow while covering all relevant
security aspects.
- Customer service skills, both verbal and written