Information Intel and Defense Lead

About The Position

Requirements

• Bachelor’s degree from an accredited college or university in Cybersecurity, Information Security or a closely related field.
• High school diploma or equivalent and additional full-time experience in cybersecurity, information security, systems analysis, programming, computer operations, IT business analysis or similarly related experience may be substituted on an equivalent year-for-year basis.
• Seven (7) years of full-time directly related, progressively responsible experience in cybersecurity, information security, systems analysis, programming, computer operations, IT business analysis or similarly related experience.
• Three (3) years of full-time directly related, progressively responsible experience developing and training employees on security/privacy policies, data handling practices and procedures, and legal obligations; and guidelines for implementation or related experience.
• One (1) year of full-time directly related, progressively responsible experience conducting technical assessments, IT audits, or needs analysis to improve business process solutions. As well as developing and writing IT policies, procedures, and audit responses or similarly related experience.
• Experience may be concurrent.
• A master's degree or doctoral degree in a directly related field may be substituted on an equivalent year-for-year basis.
• Certification as a Certified Information Systems Security Professional (CISSP); or,
• One other cybersecurity certifications by an ANSI accredited certification body (ANSI/ISO/IEC 17024 Personnel Certification Accreditation Program).
• Knowledge of: Computer systems and technology limitations, capabilities, and security infrastructures.
• Knowledge of: Information security systems, controls, methodologies, practices, and regulations, including data encryption and information protection.
• Knowledge of: National and international laws, regulations, policies, along with ethics as they relate to cybersecurity/privacy.
• Knowledge of: Organization’s risk tolerance and/or risk management approach.
• Knowledge of: Applicable state and federal laws, statutes, Presidential Directives, executive branch guidelines related to information security or cyber security.
• Knowledge of: Current and emerging cyber technologies.
• Knowledge of: Telecommunications/ISP fundamentals.
• Knowledge of: Security hardware and software options, including the network artifacts they induce and their effects on exploitation.
• Skills in: Analyzing complex technical problems and developing workable solutions
• Skills in: Managing multiple conflicting tasks/deadlines.
• Skills in: Effective verbal and written communication of complex technical information.
• Ability to: Effectively assess areas of risk associated with information security.
• Ability to: Determine the validity of technology trend data.
• Ability to: Develop policy, plans, and strategies in compliance with laws, regulations, policies, and standards in support of organizational information security assurance.
• Ability to: Establish and maintain harmonious working relationships with co-workers, agency staff, and external contacts.
• Ability to: Work effectively in a professional team environment.

Nice To Haves

• GIAC Security Certifications.
• CISM, CCISO, or equivalent security-related leadership certification
• Experience with risk management frameworks as it pertains to the National Institute of Standards and Technology.
• Experience with various security monitoring tools, network and web assessment tools, and scripting languages.

Responsibilities

• Leads and contributes to the design, implementation, and support of cybersecurity solutions that meet defined operational and security requirements.
• Supports and maintains security infrastructure, including hardware, software, operating systems, and security tools.
• Coordinates with internal teams to install, configure, troubleshoot, and maintain secure server and system configurations, including RBAC, vulnerability remediation, and patch management.
• Performs security monitoring, analysis, and investigation activities using established tools, techniques, and procedures.
• Assists with documenting cybersecurity requirements and security controls throughout the system development and acquisition lifecycle.
• Writes, modifies, and executes simple scripts on Windows and UNIX systems (e.g., those that perform tasks such as: parsing large data files, automating manual tasks, and fetching/processing remote data).
• Verifies implementation of security controls, identifies gaps or deviations, and recommends corrective actions.
• Supports security risk assessments, audits, and compliance activities, including contributing to findings and remediation recommendations.
• Collaborates with stakeholders and external partners to stay informed of emerging threats and communicates relevant impacts to the team.
• Assists with business continuity and disaster recovery security planning and testing efforts.
• Mentors and teaches division staff on key security principals and technologies.
• Stays current on emerging security technologies and shares knowledge to support continuous improvement.
• Provide after hours support for information security functions.
• Leads Information Intel and Defense architects, engineers, and analysts by providing day-to-day oversight, delegating work and mentoring team members to support daily work and project execution.
• Provides status updates to Information Security division leadership.
• Partners with Technical leads throughout the agency to coordinate technical guidance and support enterprise-wide decision making.
• Serves as a SME in matters of escalation for security operations.
• Assists Information Security leadership with resources alignment to agency, division, and department goals.
• Assists with the delegation and time tracking of projects, tasks, and incidents management items.
• May provide input to the Manager regarding hiring, evaluating, and rewarding staff.
• Performs related work as assigned.