United States onlyQualifications:
- Bachelor’s degree in Information Technology, Computer Science, or other related fields
- Active Top Secret clearance
- Must have 15+ years of experience or hold Certified Information Systems Security Professional (CISSP) with 10+ years of experience
- Must have deep understanding of information security concepts such as access control, Network security, Cryptography, and Vulnerability management.
- Must have experience in managing security projects and responding to Security Incident and managing security professionals.
- Must have experience with the Risk Management Framework (RMF) and the NIST 800-53 Rev 5 controls
Duties:
- Establish, document, and maintain organization-wide security standards, procedures, and best practices.
- Ensure policies align with federal and industry cybersecurity regulations and agency-specific requirements.
- Design, develop, and implement network security architectures including Intrusion Detection and Prevention Systems (IDS/IPS).
- Oversee integration of security solutions across systems and networks.
- Conduct security engineering for enterprise IT environments, including both on-premise and cloud-based systems.
- Oversee security operations to ensure real-time monitoring and detection of threats.
- Manage security tools, sensors, and solutions, including patch management, encryption systems, and access control mechanisms.
- Track performance and maintain compliance with industry standards and regulations (e.g., FISMA, ISO 27001).
- Lead efforts to respond to and remediate security incidents.
- Manage investigations, coordinate responses, and implement corrective actions.
- Ensure documentation and reporting of incidents align with DOJ and federal guidelines.
- Manage security-related projects and teams, ensuring delivery of cybersecurity objectives.
- Supervise and mentor information security professionals and ensure knowledge transfer within the team.
- Provide strategic direction on risk management and continuous improvement.
- Apply and enforce the Risk Management Framework (RMF) and the NIST 800-53 Revision 5 controls for federal information systems.
- Ensure proper authorization and accreditation of systems under FISMA guidelines.
