CyberSecurity Manager (AI/Data Security Specialist KP)

Join our innovative Medical Telehealth Support Contract team, where you'll play a vital role in delivering cutting-edge remote healthcare services to Military Health System beneficiaries. As part of this dynamic program, you'll collaborate with top professionals to enhance patient care through advanced telehealth technologies and streamlined processes. We're looking for passionate individuals who are ready to make a real impact, ensuring patients receive the best care no matter where they are. With a focus on excellence, security, and innovation, this is your chance to be at the forefront of healthcare's digital transformation. If you're driven by quality and a commitment to patient safety, this opportunity is your next career move.

The Cybersecurity and AI Data Security Manager provides strategic and operational leadership for all information systems, cybersecurity, and AI data security activities across the program. This role serves as the primary contractor point of contact for cybersecurity functions and is accountable for compliance with all applicable DoD, DISA, U.S. Cyber Command, and MC&FP cybersecurity directives, including DISA IAVM requirements, STIGs, SRGs, PPSM guidance, and related IT/cyber mandates. The manager oversees the security of computers, networks, systems, and databases for all program tasks and subtasks, leading incident response, vulnerability management, patching, configuration management, disaster recovery, and high-availability solutions to ensure the confidentiality, integrity, and availability of program assets.

In addition, this position is responsible for the security and governance of AI systems and data within GNAL-NG, ensuring AI-enabled capabilities adhere to patient safety, accuracy, privacy, HIPAA, and DoD security standards. The Cybersecurity and AI Data Security Manager conducts AI performance and risk audits, drives risk mitigation efforts, and partners with Quality Assurance to embed AI quality and safety controls into operational workflows. The role manages cybersecurity and IT staff; leads the development and implementation of security policies, standards, and technical controls; ensures logging and integration with SIEM platforms; and produces all documentation required to obtain and maintain ATO/ATO-C. Through continuous monitoring, forensic analysis, and adoption of emerging security technologies, the manager ensures that security processes and solutions effectively mitigate risk and meet business, contractual, and regulatory requirements for the program.

Primary Responsibilities:

• Provide strategic and operational leadership for all information systems, cybersecurity, and AI data security activities across the program.
• Serve as the primary contractor point of contact for all cybersecurity and information assurance functions.
• Ensure compliance with all applicable DoD and DISA requirements, including DISA IAVM mandates, STIGs, SRGs, PPSM guidance, and directives from the DoD CIO, U.S. Cyber Command, DISA, and MC&FP.
• Oversee the design, implementation, and maintenance of secure environments and security architectures, including all tasks and subtasks.
• Lead, supervise, and develop cybersecurity and IT staff responsible for security operations, engineering, and compliance activities.
• Manage AI systems and data security protocols within GNAL-NG to ensure adherence to patient safety, accuracy, privacy, HIPAA, and DoD security standards.
• Conduct regular AI performance and risk audits; oversee AI risk mitigation protocols and collaborate with Quality Assurance to integrate AI quality and safety controls.
• Lead efforts to obtain and maintain Authority to Operate (ATO) and ATO with Conditions (ATO-C), including ownership of all required security documentation and evidence.
• Develop, implement, and maintain security policies, standards, procedures, and plans to protect corporate and program data.
• Oversee incident response activities, ensuring timely containment, eradication, recovery, root cause analysis, and lessons learned for security incidents.
• Ensure generation, collection, and transmission of security logs to the Security Information and Event Management (SIEM) system, and oversee continuous security monitoring.
• Identify, remediate, and mitigate vulnerabilities across systems, networks, and applications, ensuring timely response to high-risk findings.
• Monitor and ensure that system revisions, security patches, and configuration changes are implemented and maintained in a timely manner.
• Manage solution configurations by adding new services, adapting existing ones, and removing unnecessary services in alignment with security best practices and PPSM guidance.
• Design and manage high-availability and disaster recovery solutions, including RTO objectives, backups, access controls, log analysis, and failover capabili