ISSO CTO

R-00181105

Description

Unleash Your Potential

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customer’s success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. 

If this sounds like an environment where you can thrive, keep reading! 

The Mission

Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC), is a U.S. Government program responsible for preventing, identifying, containing, and eradicating cyber threats to CBP networks. The SOC safeguards enterprise-wide information systems—including LAN/WAN, cloud, commercial Internet connections, public-facing websites, mobile/cellular networks, servers, and workstations—through continuous monitoring, intrusion detection, and advanced security services. Leidos is seeking a Information System Security Officer (ISSO) Chief Technology Officer.

The ISSO CTO plays a critical role in ensuring security compliance, system resilience, and secure modernization of infrastructure and applications. This position requires deep technical expertise in systems engineering, cloud computing, and artificial intelligence (AI) technologies, combined with extensive governance, risk and compliance experience.

Primary Tasks:

• Provide cybersecurity oversight for major CBP applications and general support systems.
• Apply ISSO expertise across hybrid enterprise environments, including cloud-native platforms (AWS, Azure, Google Cloud Platform), containerized workloads, and virtualized infrastructure.
• Integrate AI/ML-driven security tools (threat detection, anomaly detection, behavioral analytics, predictive risk modeling) into security operations and compliance frameworks.
• Develop, draft, review and endorse all information systems security plans and other security authorization artifacts and documents such as:
• Standards for Security Categorization of Federal Information and Information Systems (FIPS 199) Assessment
• E-Authentication Determination
• Privacy Threshold Analysis (PTA)
• Privacy Impact Assessment (PIA)
• Risk Assessment Plan 
• System Security Plan (SSP) 
• Configuration Management Plan 
• Contingency Plan 
• Contingency Plan Test and Test Results
• Section 508 of the Rehabilitation Act Plan
• Plan of Action & Milestones (POA&Ms) Policy waiver and Risk Acceptance request
• Ensure that assigned systems are operated, maintained, and disposed of in accordance with applicable policies and procedures NIST SP 800-37, Rev 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy, DHS 4300A Policy and Handbook, CBP Information Systems Security Policies and Procedures Handbook (HB 1400-05D), and internal CBP (i.e., Office of Information Technology, Security Operations Division, etc.) security policies and practices 
• Develop, review, maintain, and provide system security documentation for assigned systems, including System Security Plans, Interconnection Security Agreements, Contingency Plans, Plans of Action and Milestones, (POA&M), Waivers, and Exceptions through the DHS FISMA system management tool in use to implement and manage the NIST Risk Management Framework. 
• Complete all activities required by the DHS Ongoing Authorization (OA) Program to transition assigned systems into the DHS OA Program and perform all required actions to maintain system authorization under OA once the system is admitted to the Program 
• Assist the Government with the reporting and management of system level security violations and incidents.
• Assist the Government with the technical security evaluation of threats and vulnerabilities involving new/enhanced technology. 
• Assist the Government with providing oversight to vulnerability scanning processes and procedures. · Assist the Government with providing oversight to security patch management/flaw remediation processes and procedures.
• Assist with the development of cyber security SOPs, playbooks, work instructions, and other procedures and processes to mature cyber security capabilities. · With consideration for cloud security architectures and AI-enabled systems.
• Ensure cloud-based systems and AI applications align with Zero Trust principles and CBP policy.
• Lead technical security evaluations of threats, vulnerabilities, and risks specific to cloud workloads and AI-driven technologies.
• Oversee vulnerability scanning, patch management, and flaw remediation across hybrid and AI-enabled infrastructures.
• Support the development of cybersecurity SOPs, playbooks, and AI/automation-enhanced workflows to mature SOC capabilities.

Basic Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related discipline (Master’s preferred).
• 12+ years of IT/cybersecurity experience (or 6+ years with a Master’s).
• 5+ years as an ISSO supporting major federal information systems/applications.
• Strong systems engineering foundation with proven cloud computing expertise (AWS, Azure, GCP, or equivalent).
• Hands-on experience with AI/ML tools for cybersecurity, such as anomaly detection, automated risk scoring, or AI-driven SOC platforms.
• Working knowledge of auditing security controls, risk management, and compliance reporting.
• Superior writing, communication, and critical analysis skills.
• Deep understanding of Information Assurance, Information Management, and NIST Risk Management Framework (RMF).
• Preferred Qualifications:
• ISC2 Certified Information Systems Security Professional (CISSP)
• ISC2 Certified in Governance, Risk and Compliance (CGRC)
• ISACA Certified Information Security Manager (CISM)
• CompTIA Certified Advanced Security Practitioner (CASP+)
• Cloud certifications (AWS Certified Security, Azure Security Engineer Associate, Google Professional Cloud Security Engineer).
• Experience designing/assessing AI governance frameworks, bias/risk mitigation, and secure AI model deployment.

Clearance Requirement:

• All CBP SOC employees are required to successfully complete a CBP Background Investigation to support this program
   

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
Original Posting: April 20, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: Pay Range $131,300.00 - $237,350.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com .

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.