What are the responsibilities and job description for the Cybersecurity Infrastructure and Risk Manager position at General Dynamics Land Systems US?
About the Role:
The Cybersecurity Infrastructure and Risk Manager (CIRM) will oversee teams responsible for network and cloud security architecture, security investigations along with vulnerability and compliance requirements for a cleared defense contractor. The CIRM will work within the broader security unit and report to the Chief Information Security Officer. General Dynamics Land Systems (GDLS) is seeking a strong leader, communicator, and problem solver for this position. This position will require an in-depth knowledge of cybersecurity principles, technologies, regulations, and best practices.
In this position, you will collaborate with other security and IT professionals, Supply Chain Management and business continuity teams and senior IT leadership.
Company Information:
General Dynamics is a successful Fortune 100, global aerospace, and defense company, with over 90,000 employees world-wide. GDLS, a business unit of General Dynamics, has a strong foundation of delivering core engineering and manufacturing capabilities to our clients for military vehicles. Our team is focused on continuous process and productivity improvements that reduce product costs, while increasing troop safety and effectiveness. Land Systems continues to work with the US Armed Forces and its Allies to ensure these vehicles remain survivable, relevant, flexible, affordable, and capable of addressing a dynamic threat environment.
Hybrid or onsite
What We Offer:
GDLS offers a Total Rewards package that is Impactful and built for you.
The duties and responsibilities of the Cybersecurity Infrastructure and Risk Manager (CIRM) include the following:
Oversee the design and implementation of secure system architectures, both on prem and in the cloud, ensuring compliance with NIST standards for the handling of Controlled Unclassified Information (CUI).
Work with IT and cyber security to develop and implement best practices for cloud security management.
Regularly review requests for network architecture changes from a cybersecurity perspective and provide detailed feedback to ensure cybersecurity compliance with existing contracts and NIST, FAR and DFAR standards.
Supervise the gap analysis of GDLS network design and architecture against NIST, FAR and DFAR standards and develop a plan of action and milestones to address findings and update the Site Security Plan as appropriate.
Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
Stay informed about emerging cybersecurity technologies and trends and work with the technical solutions team to vet existing tools against new offerings to improve attack surface management.
Foster a culture of security awareness within the organization, educating employees about cybersecurity best practices.
Assist Business Continuity managers in updating and implementing disaster recovery and business continuity plans.
Assist with efforts to detect, respond to, and recover from major cybersecurity incidents. Also step into the ISO role when the primary Information Security Officer is unavailable.
Work weekly with the IT team to ensure timely patch and vulnerability management.
Manage, review, and improve processes for patch and vulnerability management.
Reduce cyber risk by overseeing and expanding vulnerability scanning.
Ensure the confidentiality, integrity, and availability of data residing on or transmitted through enterprise infrastructure.
Oversee cyber security audits and develop remediation practices to ensure compliance with company and contract rules and regulations for the handling of sensitive information.
Oversee and execute Cyber Security Awareness and Training to GDLS employees.
Qualifications:
Bachelor’s degree in computer science or information technology.
Master’s degree in a computer-related discipline (preferred).
Proven experience in cybersecurity management roles.
10 years of direct work experience in a cybersecurity capacity.
Certification in CISSP, CCSP and/or ISSAP.
Self-starter, able to operate independently and in changing environments.
Advanced written, oral, and interpersonal communication skills.
Ability to present ideas in business-friendly and user-friendly language.
Ability to obtain a United States Secret Security Clearance (usually requires U.S. citizenship status).
Experience with the following:
NIST 800-171 and 800-53
NIST Risk Management Framework (RMF)
Federal Risk and Authorization Management Program (FedRAMP)
Tenable Security Center Infrastructure
Center for Internet Security (CIS) hardening requirements
Microsoft Azure government and commercial cloud
The Cybersecurity Infrastructure and Risk Manager (CIRM) will oversee teams responsible for network and cloud security architecture, security investigations along with vulnerability and compliance requirements for a cleared defense contractor. The CIRM will work within the broader security unit and report to the Chief Information Security Officer. General Dynamics Land Systems (GDLS) is seeking a strong leader, communicator, and problem solver for this position. This position will require an in-depth knowledge of cybersecurity principles, technologies, regulations, and best practices.
In this position, you will collaborate with other security and IT professionals, Supply Chain Management and business continuity teams and senior IT leadership.
Company Information:
General Dynamics is a successful Fortune 100, global aerospace, and defense company, with over 90,000 employees world-wide. GDLS, a business unit of General Dynamics, has a strong foundation of delivering core engineering and manufacturing capabilities to our clients for military vehicles. Our team is focused on continuous process and productivity improvements that reduce product costs, while increasing troop safety and effectiveness. Land Systems continues to work with the US Armed Forces and its Allies to ensure these vehicles remain survivable, relevant, flexible, affordable, and capable of addressing a dynamic threat environment.
Hybrid or onsite
- Due to the nature of the work, this role requires on-site presence up to 80%
What We Offer:
GDLS offers a Total Rewards package that is Impactful and built for you.
- Healthcare including medical, dental, vision, HSA and Flex Spending
- Competitive base pay and incentive pay that rewards individual and team performance, and comprehensive benefits.
- 401k Match (6%)
- Educational Assistance
- 9-80 Work Schedule (This position’s standard work schedule is a 9/80. The 9/80 schedule allows employees who work a nine-hour day Monday through Thursday to take every other Friday off)
- On-going learning opportunities within a diverse, inclusive and rewarding work environment
- Onsite cafeteria, remodeled fitness center, and outdoor fitness track
The duties and responsibilities of the Cybersecurity Infrastructure and Risk Manager (CIRM) include the following:
Oversee the design and implementation of secure system architectures, both on prem and in the cloud, ensuring compliance with NIST standards for the handling of Controlled Unclassified Information (CUI).
Work with IT and cyber security to develop and implement best practices for cloud security management.
Regularly review requests for network architecture changes from a cybersecurity perspective and provide detailed feedback to ensure cybersecurity compliance with existing contracts and NIST, FAR and DFAR standards.
Supervise the gap analysis of GDLS network design and architecture against NIST, FAR and DFAR standards and develop a plan of action and milestones to address findings and update the Site Security Plan as appropriate.
Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
Stay informed about emerging cybersecurity technologies and trends and work with the technical solutions team to vet existing tools against new offerings to improve attack surface management.
Foster a culture of security awareness within the organization, educating employees about cybersecurity best practices.
Assist Business Continuity managers in updating and implementing disaster recovery and business continuity plans.
Assist with efforts to detect, respond to, and recover from major cybersecurity incidents. Also step into the ISO role when the primary Information Security Officer is unavailable.
Work weekly with the IT team to ensure timely patch and vulnerability management.
Manage, review, and improve processes for patch and vulnerability management.
Reduce cyber risk by overseeing and expanding vulnerability scanning.
Ensure the confidentiality, integrity, and availability of data residing on or transmitted through enterprise infrastructure.
Oversee cyber security audits and develop remediation practices to ensure compliance with company and contract rules and regulations for the handling of sensitive information.
Oversee and execute Cyber Security Awareness and Training to GDLS employees.
Qualifications:
Bachelor’s degree in computer science or information technology.
Master’s degree in a computer-related discipline (preferred).
Proven experience in cybersecurity management roles.
10 years of direct work experience in a cybersecurity capacity.
Certification in CISSP, CCSP and/or ISSAP.
Self-starter, able to operate independently and in changing environments.
Advanced written, oral, and interpersonal communication skills.
Ability to present ideas in business-friendly and user-friendly language.
Ability to obtain a United States Secret Security Clearance (usually requires U.S. citizenship status).
Experience with the following:
NIST 800-171 and 800-53
NIST Risk Management Framework (RMF)
Federal Risk and Authorization Management Program (FedRAMP)
Tenable Security Center Infrastructure
Center for Internet Security (CIS) hardening requirements
Microsoft Azure government and commercial cloud
Senior Project Manager - Civil (PE License)
Infrastructure Engineering -
Hamtramck, MI
Sr. Cybersecurity Analyst, Risk Management
Lucid Motors -
Southfield, MI
Project Management Consultant
STACK Cybersecurity -
Livonia, MI
