CyberSecurity Manager (AI/Data Security Specialist KP)

Description

Join our innovative Medical Telehealth Support Contract team, where you'll play a vital role in delivering cutting-edge remote healthcare services to Military Health System beneficiaries. As part of this dynamic program, you'll collaborate with top professionals to enhance patient care through advanced telehealth technologies and streamlined processes. We're looking for passionate individuals who are ready to make a real impact, ensuring patients receive the best care no matter where they are. With a focus on excellence, security, and innovation, this is your chance to be at the forefront of healthcare's digital transformation. If you're driven by quality and a commitment to patient safety, this opportunity is your next career move.

The Cybersecurity and AI Data Security Manager provides strategic and operational leadership for all information systems, cybersecurity, and AI data security activities across the program. This role serves as the primary contractor point of contact for cybersecurity functions and is accountable for compliance with all applicable DoD, DISA, U.S. Cyber Command, and MC&FP cybersecurity directives, including DISA IAVM requirements, STIGs, SRGs, PPSM guidance, and related IT/cyber mandates. The manager oversees the security of computers, networks, systems, and databases for all program tasks and subtasks, leading incident response, vulnerability management, patching, configuration management, disaster recovery, and high-availability solutions to ensure the confidentiality, integrity, and availability of program assets.

In addition, this position is responsible for the security and governance of AI systems and data within GNAL-NG, ensuring AI-enabled capabilities adhere to patient safety, accuracy, privacy, HIPAA, and DoD security standards. The Cybersecurity and AI Data Security Manager conducts AI performance and risk audits, drives risk mitigation efforts, and partners with Quality Assurance to embed AI quality and safety controls into operational workflows. The role manages cybersecurity and IT staff; leads the development and implementation of security policies, standards, and technical controls; ensures logging and integration with SIEM platforms; and produces all documentation required to obtain and maintain ATO/ATO-C. Through continuous monitoring, forensic analysis, and adoption of emerging security technologies, the manager ensures that security processes and solutions effectively mitigate risk and meet business, contractual, and regulatory requirements for the program.

Primary Responsibilities:

• Provide strategic and operational leadership for all information systems, cybersecurity, and AI data security activities across the program.
• Serve as the primary contractor point of contact for all cybersecurity and information assurance functions.
• Ensure compliance with all applicable DoD and DISA requirements, including DISA IAVM mandates, STIGs, SRGs, PPSM guidance, and directives from the DoD CIO, U.S. Cyber Command, DISA, and MC&FP.
• Oversee the design, implementation, and maintenance of secure environments and security architectures, including all tasks and subtasks.
• Lead, supervise, and develop cybersecurity and IT staff responsible for security operations, engineering, and compliance activities.
• Manage AI systems and data security protocols within GNAL-NG to ensure adherence to patient safety, accuracy, privacy, HIPAA, and DoD security standards.
• Conduct regular AI performance and risk audits; oversee AI risk mitigation protocols and collaborate with Quality Assurance to integrate AI quality and safety controls.
• Lead efforts to obtain and maintain Authority to Operate (ATO) and ATO with Conditions (ATO-C), including ownership of all required security documentation and evidence.
• Develop, implement, and maintain security policies, standards, procedures, and plans to protect corporate and program data.
• Oversee incident response activities, ensuring timely containment, eradication, recovery, root cause analysis, and lessons learned for security incidents.
• Ensure generation, collection, and transmission of security logs to the Security Information and Event Management (SIEM) system, and oversee continuous security monitoring.
• Identify, remediate, and mitigate vulnerabilities across systems, networks, and applications, ensuring timely response to high-risk findings.
• Monitor and ensure that system revisions, security patches, and configuration changes are implemented and maintained in a timely manner.
• Manage solution configurations by adding new services, adapting existing ones, and removing unnecessary services in alignment with security best practices and PPSM guidance.
• Design and manage high-availability and disaster recovery solutions, including RTO objectives, backups, access controls, log analysis, and failover capabilities.
• Conduct forensic analysis, risk assessments, and security evaluations of the corporate and program environments.
• Monitor, investigate, and remediate security violations across networks, devices, servers, databases, and other assets.
• Research, evaluate, and implement emerging security and AI-related technologies to enhance security capabilities and automation.
• Develop solutions to autonomously verify compliance with required technical controls and continuously evaluate adherence to defined security policies and standards.
• Collaborate with internal and external stakeholders to ensure clear communication, alignment, and direction for maximum cybersecurity and AI data protection efforts.

Required Qualifications:

• Bachelors degree and 12+ years of progressive combination of experience in information systems, security/cybersecurity, AI data security including hands-on technical operations.
• 3+ years of experience in AI or data management in healthcare including healthcare AI ethics, patient safety, and data privacy regulations.
• Experience in designing and overseeing AI quality and risk mitigation protocols for healthcare. Specialized experience in technical integration, security measures, and identifying security risks.
• Demonstrated experience working within DoD, federal, or similarly regulated environments.
• Experience managing security for complex, distributed IT environments (networks, servers, endpoints, databases, cloud/hybrid).
• Experience with Authority to Operate (ATO/ATO-C) processes, RMF (Risk Management Framework), and development of security documentation and evidence.
• Experience with disaster recovery, high availability, and business continuity planning (e.g., RTO/RPO objectives).
• Experience with AI/ML systems, data security, or governance (e.g., model risk, data privacy, validation) strongly preferred.

Preferred Qualifications:

• Veteran/military retiree and/or military spouse.
• Experience working with and/or for military communities.
• Master's degree in Cybersecurity, Information Assurance, or related discipline preferred.
• Relevant professional certifications strongly preferred (e.g., CISSP, CISM, CISA, CCSP, CASP+, CEH, GIAC, or similar).

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

Securing Your Data

Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

#Remote