Cybersecurity Infrastructure and Risk Manager at Land Systems – Sterling Heights, Michigan

Position Title: Cybersecurity Infrastructure and Risk Manager

Location: Sterling Heights, MI, United States

Category: Program/Project Management

Job Type: Full-Time

Country: United States

State: MI

City: Sterling Heights

Remote Work Options: On-Site

Security Clearance Required: Ability to obtain security clearance

Career Level: Senior

Requisition ID: 17542446

Description: About the Role:

The Cybersecurity Infrastructure and Risk Manager will work within the broader security unit and report to the Chief Information Security Officer. General Dynamics Land Systems (GDLS) is seeking a strong leader, communicator, and problem solver for this position. This position will require an in-depth knowledge of cybersecurity principles, technologies, regulations, and best practices.

The Cybersecurity Infrastructure and Risk Manager will oversee a team responsible for network and cloud security, risk and compliance tracking and reporting, continuous monitoring, vulnerability management, and security reviews of architecture and privileged user access requests for a cleared defense contractor.

In this position, you will also collaborate with other security and IT professionals, supply chain management personnel, business continuity team personnel, and senior IT leadership.

Company Information:

General Dynamics is a successful Fortune 100, global aerospace, and defense company, with over 90,000 employees world-wide. GDLS, a business unit of General Dynamics, has a strong foundation of delivering core engineering and manufacturing capabilities to our clients for military vehicles. Our team is focused on continuous process and productivity improvements that reduce product costs, while increasing troop safety and effectiveness. Land Systems continues to work with the US Armed Forces and its Allies to ensure these vehicles remain survivable, relevant, flexible, affordable, and capable of addressing a dynamic threat environment.

What We Offer:

GDLS offers a Total Rewards package that is Impactful and built for you.

• Healthcare including medical, dental, vision, HSA and Flex Spending
• Competitive base pay and incentive pay that rewards individual and team performance, and comprehensive benefits.
• 401k Match (6%)
• Educational Assistance
• 9-80 Work Schedule (This position's standard work schedule is a 9/80. The 9/80 schedule allows employees who work a nine-hour day Monday through Thursday and to take every other Friday off)
• On-going learning opportunities within a diverse, inclusive and rewarding work environment
• Onsite cafeteria, remodeled offices and fitness center, and outdoor fitness track

The duties and responsibilities of the Cybersecurity Infrastructure and Risk Manager (CIRM) include the following:

• Governance, risk, and compliance (GRC) for information technology, defense industrial base, and operational technology environments.
• Artificial Intelligence (AI) governance framework and AI risk assessments
• Enforce continuous monitoring methods for risk and security assessment tracking and reporting
• Information Technology Service Management (ITSM) ticket processing for security approvals, risk assessments, architecture reviews for security control implementations, and security policy variance reviews
• Vulnerability scanning tools configuration and operations
• NIST SP 800-171, NIST SP 800-172, and Cybersecurity Maturity Model Certification (CMMC) requirements and assessment methods, templates, and processes implementations
• Management of a risk and compliance team of enterprise and cloud cyber security engineers and analysts
• Stay informed about emerging cybersecurity technologies and trends and work with the technical solutions team to vet existing tools against new offerings to improve attack surface management.
• Foster a culture of security awareness within the organization, educating employees about cybersecurity best practices.
• Assist Business Continuity managers in updating and implementing disaster recovery and business continuity plans.
• Assist with efforts to detect, respond to, and recover from major cybersecurity incidents.
• Step into the Information Security Officer (ISO) role when the primary Information Security Officer is unavailable.
• Work weekly with the IT team to ensure timely patch and vulnerability management.
• Manage, review, and improve processes for patch and vulnerability management.
• Reduce cyber risk by overseeing and expanding vulnerability scanning.
• Ensure the confidentiality, integrity, and availability of data residing on or transmitted through enterprise infrastructure.
• Oversee cyber security audits and develop remediation practices to ensure compliance with company and contract rules and regulations for the handling of sensitive information.
• Oversee and execute Cyber Security Awareness and Training to GDLS employees

Qualifications:

• Bachelor's degree in computer science or information technology.
• Master's degree in a computer-related discipline (preferred).
• Proven experience in cybersecurity management roles.
• 10+ years of direct work experience in a cybersecurity capacity.
• One of more of these Cybersecurity certifications (CISSP, CGRC, CISM, CISA, SecurityX).
• Self-starter, able to operate independently and in changing environments.
• Advanced written, oral, and interpersonal communication skills.
• Ability to present ideas in business-friendly and user-friendly language.
• Ability to obtain a United States Secret Security Clearance (usually requires U.S. citizenship status).

Experience with the following regulatory agencies and guidelines:

• NIST SP 800-171 and NIST SP 800-172
• NIST Risk Management Framework (RMF)
• Cybersecurity Maturity Model Certification (CMMC)
• Federal Risk and Authorization Management Program (FedRAMP)
• Center for Internet Security (CIS) hardening requirements
• Microsoft Azure government and commercial cloud

Headquartered in Reston, Virginia, General Dynamics is a global aerospace and defense company offering a broad portfolio of products and services in business aviation; ship construction and repair; land combat vehicles, weapons systems and munitions; and technology products and services. General Dynamics employs more than 100,000 people across 65 countries worldwide and in all 50 U.S. states, more information is available at www.gd.com. General Dynamics Land Systems, is a business unit of General Dynamics, and is an innovative leader of ground combat systems' equipment and software for our clients. Our performance-driven team partners with the U.S. Army, U.S. Marine Corp and other militaries across the Globe to ensure that next generation ground combat vehicles are ready to protect our fighting men and women in uniform. General Dynamics Lands Systems provides a competitive compensation package, site specific flexible work schedules, 401(k) with Company Match; Bonus Eligibility, Employee Development Opportunities, Tuition Reimbursement, On-site Amenities, and comprehensive Medical/Dental/Vision Insurance.

As an Equal Opportunity Employer, General Dynamics Land Systems ("GDLS") provides all persons with equal opportunity and access to all aspects of employment process, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, marital status, age, disability, status as a protected veteran, or membership in any group protected by federal, state, or local anti-discrimination laws. GDLS also is committed to providing reasonable accommodations to individuals with disabilities and disabled veterans.. If, due to a disability, you need an accommodation to search or apply for an opportunity with GDLS, please call 586-825-4000 or send an e-mail to for assistance and let us know the nature of your request and your contact information.
About the Role:

The Cybersecurity Infrastructure and Risk Manager will work within the broader security unit and report to the Chief Information Security Officer. General Dynamics Land Systems (GDLS) is seeking a strong leader, communicator, and problem solver for this position. This position will require an in-depth knowledge of cybersecurity principles, technologies, regulations, and best practices.

The Cybersecurity Infrastructure and Risk Manager will oversee a team responsible for network and cloud security, risk and compliance tracking and reporting, continuous monitoring, vulnerability management, and security reviews of architecture and privileged user access requests for a cleared defense contractor.

In this position, you will also collaborate with other security and IT professionals, supply chain management personnel, business continuity team personnel, and senior IT leadership.

Company Information:

General Dynamics is a successful Fortune 100, global aerospace, and defense company, with over 90,000 employees world-wide. GDLS, a business unit of General Dynamics, has a strong foundation of delivering core engineering and manufacturing capabilities to our clients for military vehicles. Our team is focused on continuous process and productivity improvements that reduce product costs, while increasing troop safety and effectiveness. Land Systems continues to work with the US Armed Forces and its Allies to ensure these vehicles remain survivable, relevant, flexible, affordable, and capable of addressing a dynamic threat environment.

What We Offer:

GDLS offers a Total Rewards package that is Impactful and built for you.

• Healthcare including medical, dental, vision, HSA and Flex Spending
• Competitive base pay and incentive pay that rewards individual and team performance, and comprehensive benefits.
• 401k Match (6%)
• Educational Assistance
• 9-80 Work Schedule (This position's standard work schedule is a 9/80. The 9/80 schedule allows employees who work a nine-hour day Monday through Thursday and to take every other Friday off)
• On-going learning opportunities within a diverse, inclusive and rewarding work environment
• Onsite cafeteria, remodeled offices and fitness center, and outdoor fitness track

The duties and responsibilities of the Cybersecurity Infrastructure and Risk Manager (CIRM) include the following:

• Governance, risk, and compliance (GRC) for information technology, defense industrial base, and operational technology environments.
• Artificial Intelligence (AI) governance framework and AI risk assessments
• Enforce continuous monitoring methods for risk and security assessment tracking and reporting
• Information Technology Service Management (ITSM) ticket processing for security approvals, risk assessments, architecture reviews for security control implementations, and security policy variance reviews
• Vulnerability scanning tools configuration and operations
• NIST SP 800-171, NIST SP 800-172, and Cybersecurity Maturity Model Certification (CMMC) requirements and assessment methods, templates, and processes implementations
• Management of a risk and compliance team of enterprise and cloud cyber security engineers and analysts
• Stay informed about emerging cybersecurity technologies and trends and work with the technical solutions team to vet existing tools against new offerings to improve attack surface management.
• Foster a culture of security awareness within the organization, educating employees about cybersecurity best practices.
• Assist Business Continuity managers in updating and implementing disaster recovery and business continuity plans.
• Assist with efforts to detect, respond to, and recover from major cybersecurity incidents.
• Step into the Information Security Officer (ISO) role when the primary Information Security Officer is unavailable.
• Work weekly with the IT team to ensure timely patch and vulnerability management.
• Manage, review, and improve processes for patch and vulnerability management.
• Reduce cyber risk by overseeing and expanding vulnerability scanning.
• Ensure the confidentiality, integrity, and availability of data residing on or transmitted through enterprise infrastructure.
• Oversee cyber security audits and develop remediation practices to ensure compliance with company and contract rules and regulations for the handling of sensitive information.
• Oversee and execute Cyber Security Awareness and Training to GDLS employees

Qualifications:

• Bachelor's degree in computer science or information technology.
• Master's degree in a computer-related discipline (preferred).
• Proven experience in cybersecurity management roles.
• 10+ years of direct work experience in a cybersecurity capacity.
• One of more of these Cybersecurity certifications (CISSP, CGRC, CISM, CISA, SecurityX).
• Self-starter, able to operate independently and in changing environments.
• Advanced written, oral, and interpersonal communication skills.
• Ability to present ideas in business-friendly and user-friendly language.
• Ability to obtain a United States Secret Security Clearance (usually requires U.S. citizenship status).

Experience with the following regulatory agencies and guidelines:

• NIST SP 800-171 and NIST SP 800-172
• NIST Risk Management Framework (RMF)
• Cybersecurity Maturity Model Certification (CMMC)
• Federal Risk and Authorization Management Program (FedRAMP)
• Center for Internet Security (CIS) hardening requirements
• Microsoft Azure government and commercial cloud

Headquartered in Reston, Virginia, General Dynamics is a global aerospace and defense company offering a broad portfolio of products and services in business aviation; ship construction and repair; land combat vehicles, weapons systems and munitions; and technology products and services. General Dynamics employs more than 100,000 people across 65 countries worldwide and in all 50 U.S. states, more information is available at www.gd.com. General Dynamics Land Systems, is a business unit of General Dynamics, and is an innovative leader of ground combat systems' equipment and software for our clients. Our performance-driven team partners with the U.S. Army, U.S. Marine Corp and other militaries across the Globe to ensure that next generation ground combat vehicles are ready to protect our fighting men and women in uniform. General Dynamics Lands Systems provides a competitive compensation package, site specific flexible work schedules, 401(k) with Company Match; Bonus Eligibility, Employee Development Opportunities, Tuition Reimbursement, On-site Amenities, and comprehensive Medical/Dental/Vision Insurance.

As an Equal Opportunity Employer, General Dynamics Land Systems ("GDLS") provides all persons with equal opportunity and access to all aspects of employment process, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, marital status, age, disability, status as a protected veteran, or membership in any group protected by federal, state, or local anti-discrimination laws. GDLS also is committed to providing reasonable accommodations to individuals with disabilities and disabled veterans.. If, due to a disability, you need an accommodation to search or apply for an opportunity with GDLS, please call 586-825-4000 or send an e-mail to for assistance and let us know the nature of your request and your contact information.