Lead Incident Responder

About The Position

Requirements

• Bachelor's Degree in Computer Science, Information Management (IM), Information Technology, Engineering, or related field.
• Minimum of 6 years of relevant technical experience or 4 years in IT solutions at a senior management level.
• At least 10 years of experience in an IT or technology-related field, with 5 of those years within the last 10 years on large government technical contracts.
• Demonstrated experience in cyber incident response, threat monitoring, and vulnerability management.
• Proficiency in creating and managing security documentation for compliance.
• Strong project management and risk assessment skills.
• Experience with Security Operations Center (SOC) tools and incident response processes.
• Certified Information Systems Security Professional (CISSP)
• Public Trust or the ability to obtain one
• Be able to maintain awareness during scheduled working hours.
• Prolonged periods sitting or standing at desk and working on a computer (mouse and keyboard)
• Able to lift up to 15 pounds.
• Excellent verbal and written communication; good command of the English language
• Execute tasks independently and work as a team.
• Learns and memories routine tasks.
• Strong organizational, grammar, business correspondence, and self-management skills
• Candidates must be able to perform the essential functions of the position satisfactorily. If requested, reasonable accommodation will be provided for employees with disabilities.

Nice To Haves

• Certified Intrusion Analyst, Certified Ethical Hacker (or similar).
• GCIH / GIAC Certified Incident Handler .
• Information Technology Infrastructure Library (ITIL) 4 Foundation

Responsibilities

• Security Documentation Management: Develop, maintain, and update critical security documentation, including privacy assessments and system security plans, ensuring full compliance with government standards.
• Security Policy Oversight: Manage security policies and procedures, conduct risk assessments, and ensure training compliance for all Information System Security Officers (ISSOs).
• Annual Security Control Assessments (SCAs): Oversee and conduct annual SCAs for approximately 63 systems, testing one-third of the security controls each year, and addressing any identified issues.
• Incident Response Leadership: Lead the CSIRC on a 24/7 basis, training analysts in incident response, handling incidents involving Personally Identifiable Information (PII), and coordinating remediation efforts.
• Cyber Threat Monitoring: Develop and maintain a Cyberthreat Dashboard for reporting activities and insights. Monitor the network for unauthorized activities and ensure financial systems' security for the Office of the Chief Financial Officer (OCFO).
• Security Operations Center (SOC) Tools Management: Set up and optimize security tools for the Enterprise Security Operations Center (ESOC).
• Vulnerability Management Program: Oversee the Vulnerability Management Program, addressing security weaknesses across the enterprise.
• Application and Database Support: Provide support for various applications and databases, ensuring compliance with security, accounting standards, and accessibility requirements.

Benefits

• competitive compensation
• comprehensive medical plans
• 401k match
• PTO accrual
• professional development reimbursement
• corporate-funded technology certifications
• employee recognition and appreciation programs