This job has expired

Security Compliance Manager

Frederick National Laboratory for Cancer Research
Frederick, MD
Start date
Aug 3, 2022

Regulatory, Legal/Compliance
Required Education
Bachelors Degree
Position Type
Full time
Job Details

Security Compliance Manager

Job ID: req2434
Employee Type: exempt full-time
Division: Enterprise Information Technology
Facility: Frederick: Ft Detrick
Location: PO Box B, Frederick, MD 21702 USA

The Frederick National Laboratory is a Federally Funded Research and Development Center (FFRDC) sponsored by the National Cancer Institute (NCI) and operated by Leidos Biomedical Research, Inc.  The lab addresses some of the most urgent and intractable problems in the biomedical sciences in cancer and AIDS, drug development and first-in-human clinical trials, applications of nanotechnology in medicine, and rapid response to emerging threats of infectious diseases.

Accountability, Compassion, Collaboration, Dedication, Integrity and Versatility; it's the FNL way.

Position Overview:


The Information Security and Compliance Office (ISCO) is a part of the Enterprise Information Technology (EIT) Directorate within Leidos Biomed.  The ISCO provides IT security auditing, engineering, and incident response support for the Frederick National Laboratory for Cancer Research (FNLCR) and the National Cancer Institute – Frederick.  The mission of the Information Systems Program is to develop an enterprise-level, consolidated information technology infrastructure that provides exceptional IT capabilities to the Frederick National Labs for Cancer Research (NCI-Frederick/FNLCR) in support of basic, translational, and clinical cancer and AIDS research.  ISCO supports the life cycle of information security for the scientific mission and administrative functions of the NCI-Frederick/FNLCR, to ensure the availability of information systems, protect the integrity of information, and protect the confidentiality of intellectual property and patient data.  


The responsibilities of this position may include, but are not limited to, privacy, consulting, auditing, operations, documentation, monitoring, and engineering for information systems security, as well as managing the compliance team members and their priorities. Essential duties involve close coordination with all information system owners and include:

  • Privacy Impact Assessments (PIAs) of all Major/Minor/GSS systems
  • Obtaining security authorizations for systems under the authority of NCI-Frederick/FNLCR by conducting IT Security audits of the network and devices for Federal Information Security Management (FISMA) compliance
  • Ensuring NCI-Frederick/FNLCR information systems maintain appropriate operational security posture consistent with the FISMA, working in close collaboration with information system owners
  • Serving as an advisor on matters involving the security of NCI-Frederick/FNLCR information systems, and providing security awareness and training to NCI-Frederick personnel, customers, and users
  • Developing and ensuring compliance with FNLCR security policies, standards, and procedures
  • Monitoring NCI-Frederick/FNLCR information systems and environments of operations, including developing and updating security plans, managing and controlling changes to NCI-Frederick/FNLCR information systems, and assessing security impact
  • Developing and assessing information security requirements for NCI-Frederick/FNLCR, and ensuring information system owners integrate and implement security requirements into the design, development, and configuration of information systems 
  • Coordinating security-related activities with the Information System Security Officers (ISSO), Information System Owners, and common control providers
  • This person will serve as the manager of the team and perform some of the tasks mentioned above


To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:

  • Possession of Bachelor’s degree from an accredited college/university according to the Council for Higher Education Accreditation (CHEA) or four (4) years relevant experience in lieu of degree.  Foreign degrees must be evaluated for U.S. equivalency
  • In addition to the education requirement, a minimum of four (4) years of progressively responsible experience, including two (2) years of experience in a management capacity 
  • Experience must include functioning as an analyst or equivalent for compliance auditing, information security, information systems, business operations, or related field  
  • Experience performing assessments using NIST guidelines such as 800-53 and 800-171
  • Practical understanding and application of the NIST Risk Management Framework
  • Work independently and make decisions regarding complex issues with appropriate consultation of peers, cross-functional teams, and supervisors 
  • Must be analytical and able to analyze complex information, synthesize disparate data sources, and communicate effectively
  • Must be able to develop technical documentation and non-technical presentations; and, express information in a clear, concise, and organized manner, both verbally and in writing
  • Must be detail-oriented and possess strong organizational and project management skills with the ability to prioritize multiple tasks/projects
  • Demonstrate working knowledge of standards and guidelines for Information Security published by the National Institute of Standards and Technology (NIST)
  • Working knowledge and expertise required for administering the information security aspects of information systems in compliance with regulations and directives of FISMA, the Office of Management and Budget (OMB), and the Health Insurance Portability and Accountability Act (HIPAA)
  • Proficient with Microsoft Office suite and online research tools, including open-source tools and methodologies
  • Ability to obtain and maintain a security clearance 


Candidates with these desired skills will be given preferential consideration:

  • Prior experience managing staff

Equal Opportunity Employer (EOE) | Minority/Female/Disabled/Veteran (M/F/D/V) | Drug Free Workplace (DFW)



A rewarding career with global impact

Whether you’re an expert in your field or just starting out, we have a career opportunity for you. We’re always looking for people to join us in fulfilling the mission of the Frederick National Laboratory: discovery, innovation, and success in the biomedical sciences.

Our team of 2,400+ scientists, technicians, administrators, and support staff work at the forefront of basic, translational, and preclinical science, with a focus on cancer, AIDS, and other infectious diseases.

We collaborate with colleagues across the National Cancer Institute, National Institutes of Allergy and Infectious Diseases, and others throughout the National Institutes of Health. We also engage with extramural investigators in academia, government and industry.

Your path to joining our team begins with the desire to work for the only national laboratory dedicated to biomedical research. Our employees share a common desire to help make a difference in cancer research and public health concerns. As you search for a career that fits your education, skills, and abilities, explore the core values that guide us and emphasize work-life balance.

Discover why joining the Frederick National Laboratory team could be the most important career step you take.



Find Us
8560 Progress Drive
United States