Job Description
Assesses threats and vulnerabilities, responds to immediate and potential threats, supports investigation and analysis of cyber events. Works with Security Operations Center resources to proactively identify vulnerabilities, develop mitigation plans to address potential threats, and respond to immediate threats.
Education and Experience
- Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
- 5+ years of information technology leadership experience including implementing, managing or governing security technologies, including encryption, network security, intrusion detection and digital forensics
- Current information security certification, including Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)
- Technical leadership experience in a sourced environment
- Project management skills
- Excellent communication skills and problem-solving ability
- Demonstrated ability to work independently and with others
- Ability to manage details and ensure compliance with standards and expectations
- Technical infrastructure operations, administration, or engineering background
- Manages and administers processes and tools that enable the organization to identify, document, and access intellectual capital and information content (e.g., policies, standards, processes and procedures).
- Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. Identifies remediation activities and oversees efforts to implement them.
- Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats and comply with relevant data breach laws. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize safety and security of systems, preservation of intellectual property, and information security. Investigates and analyzes all relevant security and privacy response activities.
- Tests, implements, deploys, maintains, reviews and administers the infrastructure hardware and software that are required to effectively manage the computer network defense (CND) service provider network and resources. Monitors the network to actively remediate unauthorized activities.
- Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations or enterprise or local policy, assesses the level of risk, and develops and/or recommends and operationalizes appropriate mitigation countermeasures.
- Identifies and assesses the capabilities and activities of cyber criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.
- Analyzes threat information from multiple sources, disciplines, and agencies across the regulatory and Intelligence Communities. Synthesizes and places regulatory and intelligence information in context; draws insights about the possible implications.