Chief Information Security Officer leading the cybersecurity strategy at Sabyk for engineering and active defense. Overseeing security architecture and incident management with a focus on compliance.
VI
Hybrid Cloud Cybersecurity Manager – Military Community and Family Policy
Posted 2 months ago
About the role
- Cloud Cybersecurity Manager for Vistra Communications, providing cybersecurity oversight for DoD cloud environments. Key responsibilities include leading risk management and compliance initiatives across EC2 and GovCloud.
Responsibilities
- Provide comprehensive cyber and cloud security leadership ensuring all cloud environments are designed, maintained, and operated securely and efficiently.
- Develop and implement the overall cybersecurity strategy aligned with DoD, DISA, NIST (SP 800-53), FISMA, and MC&FP requirements.
- Lead cloud risk management and IT security compliance initiatives, including application of the Risk Management Framework (RMF) across all MC&FP systems.
- Oversee daily monitoring, threat detection, and incident handling for cloud-based resources, including AWS GovCloud environments.
- Implement advanced security architectures for predictive threat detection and proactive incident response.
- Maintain and regularly test contingency plans, disaster recovery (DR), and continuity of operations (COOP) procedures for cloud infrastructure.
- Provide direct support for vulnerability management, penetration testing, and mitigation of security risks.
- Ensure continued Authorization to Operate (ATO) status for cloud systems at relevant impact levels.
- Conduct bi-annual audits of IT and cybersecurity SOPs, documenting and remediating compliance gaps.
- Oversee routine and ad-hoc reporting of compliance status, incidents, and risk metrics through dashboards and official reports.
- Coordinate with Tier 2 CSSPs and government cyber teams to ensure seamless lifecycle management and reporting for incidents and vulnerabilities.
- Adhere to and enforce compliance with all applicable STIGs, SRGs, IAVAs, and other cybersecurity requirements.
- Catalog and inventory all cloud configuration items (CIs), and maintain an up-to-date configuration management (CM) database with strong data integrity and availability measures.
- Oversee review and implementation of secure configurations and baseline management for all cloud resources.
- Serve as Secretariat for the Configuration Control Board (CCB), maintaining records, policies, procedures, and facilitating CCB meetings.
- Manage the change control process for all information systems, networks, and security modifications.
- Lead or support scenario planning exercises, threat simulation labs, and cross-agency security drills.
- Identify and recommend the implementation of emerging security technologies, automation, and best practices to advance security posture.
- Develop and implement automated incident response workflows and playbooks.
- Serve as principal cloud security advisor to leadership, project managers, developers, and IT engineering teams.
- Collaborate with government stakeholders, technical teams, and external partners to ensure secure design, deployment, and operation of cloud systems.
- Provide cloud cybersecurity guidance and training to staff and ensure all stakeholders are informed of their security responsibilities.
- Ensure that account provisioning, privilege management, and access controls for cloud systems are implemented and regularly reviewed.
- Maintain compliance with the DoD Cyber Workforce Framework (DCWF), ensuring staff certifications and training are up to date.
Requirements
- A minimum of eight years of experience in managing cybersecurity projects of similar size and complexity to this requirement within a cloud environment.
- A minimum of eight years of experience with the NIST RMF, NIST SP 800-53, STIGs, Security Content Automation Protocol (SCAP), Information Assurance Vulnerability Alerts (IAVAs), and Federal Information Security Management Act (FISMA).
- Possess one of the following certifications: CISM, Certified Information Systems Security Officer (CISSO), Federal IT Security Professional-Manager (FITSP-M), GIAC Certified Intrusion Analyst Certification (GCIA), GIAC Cloud Security Automation (GCSA), GIAC Certified Incident Handler (GCIH), GIAC Security Leadership Certification (GSLC), Global Industrial Cyber Security Professional Certification (GICSP), CISSP-ISSMP, or CISSP
- Possess a minimum of a favorably adjudicated Tier 5 investigation.
- Prefer bachelor’s degree in computer science, IT, information systems, or a related field.
- Prefers a minimum of eight years of experience analyzing, assessing, and implementing corrective actions based on vulnerability management and penetration testing.
- Prefers minimum of eight years of experience supporting DoD defensive cyber operational activities, including, but not limited to, information system protection, defense, response (incident handling), reporting, and recovery.
Benefits
- Medical, dental, and vision benefits
- Life and disability insurance
- Employer matching 401(k) retirement plan
- Paid Time Off
- Parental and Bereavement Leave
- Professional Development
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Product Specialist BDE responsible for advising on Networks and Cybersecurity at Datacom. Supporting development of product strategies and sales ideas to drive customer success.
CC
Security Guard at Commissionaires Nova Scotia ensuring safety, security, and protection for clients. Engaging veteran personnel in critical roles across various environment.
Fachkraft für Schutz und Sicherheit supporting public and private safety while protecting individuals and assets. Engage in preventing conflicts and recognizing dangers across various settings.
Senior Software Engineer at eBay developing cloud - native security services and mentoring teams. Focused on high availability and secure coding practices with a scalable infrastructure.
Project manager for IT infrastructure within IT security projects at DATAGROUP. Engaging in project management and communication with technical teams and clients.
Senior SAP Security Consultant designing future SAP security solutions for clients. Engaging with technological challenges and supporting digital transformation efforts.
Cybersecurity Compliance Consultant performing SOX IT compliance testing at Truist. Assessing corporate cybersecurity compliance and managing risk and compliance functions across various locations.
Cybersecurity Engineer managing identity and access controls for enterprise applications at Truist. Expertise in Microsoft Entra and troubleshooting access issues in complex environments.
IT Security Consultant conducting technical audits and consulting on cybersecurity for various sectors. Developing tailored security strategies and ensuring compliance with regulations.