IT Security Lead

About The Position

Requirements

• Four (4) to six (6) years of hands-on experience providing technology leadership for IT Security.
• Three (3) or more years of experience of new and emerging cybersecurity technologies including but not limited to: hands-on tool usage of BigFix, Splunk, Tripwire, Cylance, Tenable etc.
• Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
• Experience with incident response and handling methodologies.
• Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
• Four (4) to six (6) years of hands-on experience providing technology leadership for FISMA Compliance.
• Three (3) or more years of experience of new and emerging cybersecurity technologies including but not limited to: hands-on tool usage of BigFix, Splunk, Tripwire, Cylance, Tenable etc.
• Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
• Experience with Security Assessment and Authorization in Federal environment.
• Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment.

Nice To Haves

• CISSP, CISA, CISM, and/or SSCP.
• Strong skills in the following key areas including strategic thinking, multi-tasking, negotiation, conflict management, time management, planning and executing to a defined schedule/budget.
• Able to communicate complex technical concepts and project information clearly and concisely to both technical and non-technical audiences.
• Ability to work effectively as a member of an integrated team and the ability to negotiate reasonable compromises among a diverse group of stakeholders.
• Ability to work in a fast paced, technically challenging area; ability to anticipate changes, problems, or activities, assess impacts and recommend sound solutions.
• Able to work independently and motivated, capable of working across teams and organizations.
• Prefer experience with data analytics and combining data sets from multiple sources to provide reports for identifying risk and measuring security posture.
• Prefer strong skills in the following key areas including strategic thinking, multi-tasking, time management, planning and executing to a defined schedule.
• Expert level of experience with Microsoft products Word, PowerPoint, Excel, and Visio.
• Prior experience using a helpdesk ticketing system such as ServiceNow is preferred.
• Prior federal government IT Security experience is preferred.

Responsibilities

• Oversee routine vulnerability scanning capabilities across networks and systems.
• Oversees patching, hardening and baselining activities across networks; ensures other stakeholders are in compliance with established patching/hardening policies.
• Maintains, configures, and ensures the successful deployment of logging/auditing tools across the networks; ensures logging activities are functional across all networks.
• Maintains system baseline and configuration management items, including security event monitoring policies in a manner determined and agreed to by the program management.
• Interacts with both Systems engineers and O&M personnel to ensure a complete and functioning system that meets requirements.
• Ensures all Network Defense capabilities are kept current, patched, securely configured, and communicates status to management.
• Analyzes the data flows into, out of, and across networks to ensure security gaps do not exist and data exchange is in line with system classification level.
• Researching, analyzing, and reporting on different trends using publicly available or collected data.
• Ensuring effective implementation of annual FISMA reporting review requirements.
• Reviewing security documentation of various NICHD systems to assure FISMA Compliance is effectively implemented and monitored.
• Having the necessary organization, experience, and technical controls.

Benefits

• Health, dental, and vision insurance
• Life insurance
• Short-and-long term disability
• Paid time off (PTO)
• 401k retirement plan with employer match
• Annual Professional Development Reimbursement Program