Information Systems Security Officer (ISSO) Team Lead

Description

The Leidos Digital Modernization Sector is seeking an experienced an Information Systems Security Manager (ISSO) Team Lead to support the Military Sealift Command Business Systems Branch (N6). The Military Sealift Command (MSC) Business Systems Branch (Code N611) manages, operates, and maintains the Command's Business Systems, as well as interfaces with Navy Enterprise Defense Business Systems. MSC's Business Systems are comprised of several software intensive systems designed to provide business activity support to globally assigned ashore and afloat personnel.

The Information Systems Security Manager (ISSO) Team Lead will work with the other Contractor ISSO's to manage MSC systems. ISSO Team Lead is a key personnel position designated as IAM Level II and will be required to meet the requirements for that position at time of hire or within six (6) months with written MSC ISSM approval.

Primary Responsibilities:

The Information Systems Security Manager (ISSO) Team Lead shall develop and manage all aspects of Business Systems projects in accordance with the BSPMP to include (i.e. Project Briefs, Charters, Project Schedules, and Technical Project Plans, etc.). * Lead and oversee a team of ISSOs providing cybersecurity and information assurance support for MSC's Integrated Business Systems (IBS) across ashore and afloat environments. * Ensure compliance with RMF (Risk Management Framework) processes including Assessment & Authorization (A&A), continuous monitoring, and authority to operate (ATO) lifecycle management for multiple systems. * Coordinate and support Information Assurance Vulnerability Management (IAVM), ensuring timely patching, mitigation, and reporting of vulnerabilities across systems. * Manage, review, and support the development of system-specific Cybersecurity SOPs, STIG compliance, and cybersecurity audit readiness documentation. * Support the configuration, design, and implementation of system security controls in accordance with DoD, DoN, and MSC cybersecurity policies and technical standards. * Collaborate with engineering, development, operations, and program management teams to integrate cybersecurity requirements and ensure system security architecture and configurations are implemented securely. * Maintain accurate cybersecurity documentation in platforms such as eMASS, VRAM, and the MSC SharePoint Dashboard. * Support ISSM and MSC N611 BSM in the development and implementation of cybersecurity strategies, architecture assessments, and technical upgrade plans. * Ensure compliance with applicable instructions including DoDD 8140.01, SECNAVINST 5239.20A, SECNAV M-5239.2, and COMSCINST 5239.3B. * Lead the ISSO team's participation in audits, inspections, and compliance reviews, including the production of cybersecurity performance metrics and risk assessments. * Represent the ISSO function in key meetings such as PMRs, BSPMP reviews, and Configuration Control Boards (CCBs). * Support the implementation of Continuous ATO strategies and Zero Trust initiatives within the MSC cybersecurity framework. Basic Qualifications: * Bachelor of Science (BS) Degree in Cybersecurity, Computer Science, Engineering or Math. * IAM Level II required at time of hire or within six (6) months with written MSC ISSM approval. * Certified Authorization Professional (CAP), CompTIA Advanced Security Practitioner (CASP+) CE, Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or Associate, GIAC Security Leadership Certification (GSLC) or Higher-level certification. Experience: * Minimum of five (5) years of DoD/DoN IT and Cybersecurity experience, including direct experience with Navy systems and shipboard cybersecurity environments. * At least five (5) years of experience supervising or leading cybersecurity professionals, preferably in a program involving multiple geographically dispersed teams. * Minimum three (3) years of experience applying RMF processes, including security authorization, vulnerability assessments, and POA&M management. * Demonstrated experience with tools and platforms such as eMASS, VRAM, Nessus, ACAS, and familiarity with DISA STIGs and SCAP benchmarks. * Familiarity with DoD 8570/8140 workforce requirements, including management of personnel qualifications and training compliance. * Strong understanding of Navy cybersecurity compliance directives, including NIST SP 800-53/800-171, DoDI 8510.01, and COMSC cybersecurity policies. * Experience supporting DevSecOps environments and integrating cybersecurity into Agile Software Development Life Cycle (SDLC). * Experience with afloat systems and shipboard deployments is highly preferred, including knowledge of network segmentation and afloat IA constraints.

Basic Qualifications:

Bachelor of Science (BS) Degree in Cybersecurity, Computer Science, Engineering or Math. * IAM Level II required at time of hire or within six (6) months with written MSC ISSM approval. * Certified Authorization Professional (CAP), CompTIA Advanced Security Practitioner (CASP+) CE, Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or Associate, GIAC Security Leadership Certification (GSLC) or Higher-level certification.

Minimum of five (5) years of DoD/DoN IT and Cybersecurity experience, including direct experience with Navy systems and shipboard cybersecurity environments. * At least five (5) years of experience supervising or leading cybersecurity professionals, preferably in a program involving multiple geographically dispersed teams. * Minimum three (3) years of experience applying RMF processes, including security authorization, vulnerability assessments, and POA&M management. * Demonstrated experience with tools and platforms such as eMASS, VRAM, Nessus, ACAS, and familiarity with DISA STIGs and SCAP benchmarks. * Familiarity with DoD 8570/8140 workforce requirements, including management of personnel qualifications and training compliance. * Strong understanding of Navy cybersecurity compliance directives, including NIST SP 800-53/800-171, DoDI 8510.01, and COMSC cybersecurity policies. * Experience supporting DevSecOps environments and integrating cybersecurity into Agile Software Development Life Cycle (SDLC). * Experience with afloat systems and shipboard deployments is highly preferred, including knowledge of network segmentation and afloat IA constraints.