Deputy IT Security Manager

PRISM | Tysons, VA
51d | Hybrid

About The Position

Deputy IT Security Manager Security Analyst

  • Tysons Corner, VA
  • Position Requires 8+ Years Experience
  • Hybrid: 4 days Onsite @ Falls Church, VA
  • Active Secret Clearance
  • Must Pass Background and Credit Check

Responsibilities:

  • Policy and Standards: Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
  • Team Leadership: Manage a large, geographically dispersed, multifaceted team comprised of various cybersecurity engineers; team roles include information assurance, security infrastructure engineers, and Security Operations Center (SOC) analysts.
  • Incident Management: Direct and coordinate actions for incident response, data collection, digital forensics, cleanup, and reporting.
  • Threat Intelligence: Assess threat reports and threat intelligence to inform operational and policy decisions.
  • Project Management: Prioritize and manage projects in a fast-paced environment, ensuring timely completion of projects, on time and on schedule.
  • Compliance Review: Read and interpret security hardening guides (e.g., STIGs, SRGs), SCAP results, and vulnerability assessment scan results and provide direction as necessary for audit, accreditation, project, and consulting activities.
  • Vulnerability Management: Review vulnerability scans and approve associated mitigation strategies. Document strategies in Plans of Action and Milestones (POA&M) artifacts.
  • Information System Security Officer (ISSO) Duties: Perform all required duties as the primary Information System Security Officer for a large-scale, joint-force enterprise network.
  • Accreditation Management: Conduct and manage security authorization and accreditation activities under a Risk Management Framework (RMF) for multiple accreditation boundaries.
  • Guidance and Leadership: Provide guidance and leadership to other team ISSOs and security professionals.
  • Security Control Review: Lead authorization efforts and compliance reviews. Complete, test, and review RMF security controls as part of multiple security authorization packages (e.g., eMASS equivalents).
  • Documentation: Develop artifacts to provide evidence, support, or policy guidance for compliance with each control as necessary.
  • SOC Oversight: Conduct management and oversight of the enterprise SOC team and Incident Responders. Coordinate response efforts, incident management, and triage. Provide oversight of SOC activities, technologies, and strategic direction.
  • Investigations: Coordinate with division leads and directors for investigations, insider threat, and security research.
  • Strategic Analysis: Conduct analysis and provide recommendations on policy, design, and solutions for increasing the security of the enterprise.

Requirements

  • 3+ years in Information Assurance/Cybersecurity.
  • 3+ years in security engineering, operations management, and IT management.
  • 3+ years managing a team of 3 or more direct reports in an enterprise IT environment.
  • 8+ Years IT experience with a Master's degree, 10+ years with a Bachelor's, or 14+ years with a High School Diploma.
  • Active Certified Information Systems Security Professional (CISSP) certification.
  • Excellent interpersonal, interviewing, analytical, and problem-solving skills to address variable situations.
  • General knowledge of federal/government industry security requirements, standards, and best practices.
  • Strong written and verbal communication skills; ability to document processes and write comprehensive security recommendations.
  • Professional attitude, able to communicate and interact with individuals at all levels across various information technology and business sectors.
  • Strong organizational, project management, and customer service skills. Ability to act in the best interest of the client both within a team and self-directed.

Nice To Haves

  • 3+ years of experience in a government/military IT environment; experience reading and interpreting operational and tasking directives (e.g., TASKORDs and OPORDs equivalents).
  • 3+ years of experience in a security officer position working with vulnerability scanning tools; patch management and compliance; security authorization tools (e.g., eMASS equivalent); performing authorization (A&A), Validator, or Security Control Assessor (SCA) responsibilities; developing POA&Ms and documentation; vulnerability mitigation.
  • 3+ years of experience working in a Security Operations Center (SOC) environment; conduct in-depth continuous monitoring; tuning of security devices and management of alerts; administration of Host-Based Security System (HBSS) tools; network defense and security event triage.
  • ISSO/ISSM experience on a network security enclave.

Responsibilities

  • Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
  • Manage a large, geographically dispersed, multifaceted team comprised of various cybersecurity engineers; team roles include information assurance, security infrastructure engineers, and Security Operations Center (SOC) analysts.
  • Direct and coordinate actions for incident response, data collection, digital forensics, cleanup, and reporting.
  • Assess threat reports and threat intelligence to inform operational and policy decisions.
  • Prioritize and manage projects in a fast-paced environment, ensuring timely completion of projects, on time and on schedule.
  • Read and interpret security hardening guides (e.g., STIGs, SRGs), SCAP results, and vulnerability assessment scan results and provide direction as necessary for audit, accreditation, project, and consulting activities.
  • Review vulnerability scans and approve associated mitigation strategies. Document strategies in Plans of Action and Milestones (POA&M) artifacts.
  • Perform all required duties as the primary Information System Security Officer for a large-scale, joint-force enterprise network.
  • Conduct and manage security authorization and accreditation activities under a Risk Management Framework (RMF) for multiple accreditation boundaries.
  • Provide guidance and leadership to other team ISSOs and security professionals.
  • Lead authorization efforts and compliance reviews. Complete, test, and review RMF security controls as part of multiple security authorization packages (e.g., eMASS equivalents).
  • Develop artifacts to provide evidence, support, or policy guidance for compliance with each control as necessary.
  • Conduct management and oversight of the enterprise SOC team and Incident Responders. Coordinate response efforts, incident management, and triage. Provide oversight of SOC activities, technologies, and strategic direction.
  • Coordinate with division leads and directors for investigations, insider threat, and security research.
  • Conduct analysis and provide recommendations on policy, design, and solutions for increasing the security of the enterprise.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

High school or GED

Number of Employees

101-250 employees