The IT Cyber Liaison serves as the primary coordination point between cybersecurity, IT operations, and external stakeholders to ensure timely identification, reporting, and remediation of cybersecurity risks. This role combines project management, vulnerability management, compliance oversight, and technical documentation responsibilities to support enterprise security objectives and regulatory requirements.
Key Responsibilities
Cybersecurity Project Management
Act as Project Manager for cyber-driven initiatives, coordinating schedules, deliverables, and cross-functional resources.
Ensure cybersecurity projects align with organizational priorities, compliance requirements, and operational constraints.
KEV Management and Reporting
Perform Known Exploited Vulnerabilities (KEV) reporting using platforms such as Tenable and Nucleus.
Review vulnerability scan results, assess risk impact, and produce accurate, timely reports for the PORTS site.
Coordinate and distribute KEV notifications across internal teams and external contractors, ensuring visibility and accountability.
KEV Remediation Coordination
Collaborate with User Support and System Administrator teams to determine and implement appropriate remediation strategies.
Track remediation progress, validate fixes, and ensure closure within required timelines.
Policy, Procedure, and Governance
Create, maintain, and update KEV management policies, procedures, and workflows.
Create, maintain, and update KEV remediation policies, procedures, and workflows.
Operational and Asset Support
Oversee equipment receiving processes and ensure proper tracking, configuration, and security compliance.
Provide support coordination to ensure assets meet cybersecurity and operational standards prior to deployment.
Security Metrics and Performance Evaluation
Evaluate and report on performance indicators to assess the effectiveness and quality of implemented security controls.
Identify trends, gaps, and improvement opportunities based on vulnerability and control performance data.
Documentation and Knowledge Transfer
Develop clear, concise instructional and technical documentation for complex security products and implementations.
Support enterprise-level, dynamic network environments by translating technical security concepts into actionable guidance for IT teams.
Bachelor’s degree in Information Technology, Cybersecurity, or a related field, and 8+ years of experience working in the Information Technology field, or 15+ years equivalent experience.
Strong understanding of IT change management, security controls, and remediation processes.
Proven ability to manage projects and coordinate across multiple technical teams.
Experience in regulated or government contracting environments.
Understanding of vulnerability scanning and reporting tools (e.g., Tenable, Nucleus).
Familiarity with KEV programs, NIST frameworks, or similar cybersecurity standards.
Security or project management certifications (e.g., Security+, CISSP, PMP) are a plus.
Cross-functional communication and coordination
Risk assessment and prioritization
Documentation and process development
Attention to detail and compliance awareness
Ability to translate cybersecurity requirements into operational action
Come break things (in a good way). Then build them smarter.
We're the tech company everyone calls when things get weird. We don’t wear capes (they’re a safety hazard), but we do solve high-stakes problems with code, caffeine, and a healthy disregard for “how it’s always been done.”
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.