About the Role:
The Cybersecurity Infrastructure and Risk Manager will work within the broader security unit and report to the Chief Information Security Officer. General Dynamics Land Systems (GDLS) is seeking a strong leader, communicator, and problem solver for this position. This position will require an in-depth knowledge of cybersecurity principles, technologies, regulations, and best practices.
The Cybersecurity Infrastructure and Risk Manager will oversee a team responsible for network and cloud security, risk and compliance tracking and reporting, continuous monitoring, vulnerability management, and security reviews of architecture and privileged user access requests for a cleared defense contractor.
In this position, you will also collaborate with other security and IT professionals, supply chain management personnel, business continuity team personnel, and senior IT leadership.
Company Information:
General Dynamics is a successful Fortune 100 global aerospace and defense company, with over 90,000 employees worldwide. GDLS, a business unit of General Dynamics, has a strong foundation of delivering core engineering and manufacturing capabilities to our clients for military vehicles. Our team is focused on continuous process and productivity improvements that reduce product costs, while increasing troop safety and effectiveness. Land Systems continues to work with the US Armed Forces and its Allies to ensure these vehicles remain survivable, relevant, flexible, affordable, and capable of addressing a dynamic threat environment.
What We Offer:
GDLS offers a Total Rewards package that is Impactful and built for you.
- Healthcare including medical, dental, vision, HSA and Flex Spending
- Competitive base pay and incentive pay that rewards individual and team performance, and comprehensive benefits.
- 401k Match (6%)
- Educational Assistance
- 9/80 Work Schedule (This position's standard work schedule is a 9/80. The 9/80 schedule allows employees to work a nine-hour day Monday through Thursday and to take every other Friday off)
- On-going learning opportunities within a diverse, inclusive and rewarding work environment
- Onsite cafeteria, remodeled offices and fitness center, and outdoor fitness track
The duties and responsibilities of the Cybersecurity Infrastructure and Risk Manager (CIRM) include the following:
- Governance, risk, and compliance (GRC) for information technology, defense industrial base, and operational technology environments.
- Artificial Intelligence (AI) governance framework and AI risk assessments
- Enforce continuous monitoring methods for risk and security assessment tracking and reporting
- Information Technology Service Management (ITSM) ticket processing for security approvals, risk assessments, architecture reviews for security control implementations, and security policy variance reviews
- Vulnerability scanning tools configuration and operations
- NIST SP 800-171, NIST SP 800-172, and Cybersecurity Maturity Model Certification (CMMC) requirements and assessment methods, templates, and processes implementations
- Management of a risk and compliance team of enterprise and cloud cyber security engineers and analysts
- Stay informed about emerging cybersecurity technologies and trends and work with the technical solutions team to vet existing tools against new offerings to improve attack surface management.
- Foster a culture of security awareness within the organization, educating employees about cybersecurity best practices.
- Assist Business Continuity managers in updating and implementing disaster recovery and business continuity plans.
- Assist with efforts to detect, respond to, and recover from major cybersecurity incidents.
- Step into the Information Security Officer (ISO) role when the primary Information Security Officer is unavailable.
- Work weekly with the IT team to ensure timely patch and vulnerability management.
- Manage, review, and improve processes for patch and vulnerability management.
- Reduce cyber risk by overseeing and expanding vulnerability scanning.
- Ensure the confidentiality, integrity, and availability of data residing on or transmitted through enterprise infrastructure.
- Oversee cyber security audits and develop remediation practices to ensure compliance with company and contract rules and regulations for the handling of sensitive information.
- Oversee and execute Cyber Security Awareness and Training to GDLS employees
Qualifications:
- Bachelor's degree in computer science or information technology.
- Master's degree in a computer-related discipline (preferred).
- Proven experience in cybersecurity management roles.
- 10+ years of direct work experience in a cybersecurity capacity.
- One or more of these cybersecurity certifications (CISSP, CGRC, CISM, CISA, SecurityX).
- Self-starter, able to operate independently and in changing environments.
- Advanced written, oral, and interpersonal communication skills.
- Ability to present ideas in business-friendly and user-friendly language.
- Ability to obtain a United States Secret Security Clearance (usually requires U.S. citizenship status).
Experience with the following regulatory agencies and guidelines:
- NIST SP 800-171 and NIST SP 800-172
- NIST Risk Management Framework (RMF)
- Cybersecurity Maturity Model Certification (CMMC)
- Federal Risk and Authorization Management Program (FedRAMP)
- Center for Internet Security (CIS) hardening requirements
- Microsoft Azure government and commercial cloud