Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.
Conducts risk and vulnerability assessment at the network, system and application level.
Conducts threat modeling exercises.
Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs.
Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy.
Prepares security reports to regulatory agencies.
Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards.
Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed.
Interacts frequently with internal personnel and outside representatives at various levels.
Participates and presents at meetings with internal and external representatives.
Often plays a key role in cooperative effort among members of a project team made up of representatives from other departments.
Specific duties for this position include, but are not limited to:
Provide management oversight for Cybersecurity operations and intel functions.
Analyze cyber intelligence reports to determine correlation and applicability to network operations on customer networks.
Analyze network intrusion detection reports and vulnerability assessments to evaluate security posture as it pertains to current operations and information security levels.
Recommends security posture changes based on security analysis and changes in threat indicators.
Develop reports and trend analysis of internal and external security activity and incidents.
Provide on-shift training for both contractors and government personnel to include analysis interpretation and threat/event correlation.
Provide technical direction to other contractors on network and systems engineering to develop network and systems engineering concepts and apply System Development Life Cycle (SDLC) principles.
Maintain a professional image and appearance, including appropriate attire commensurate with this senior staff position. Professional business attire will be commensurate with government uniforms and other contractor attire.
Provide technical coordination and research to exploit cutting-edge technologies, assisting with technical and status updates for briefings and reporting.
Review technical project documentation for final draft coordination and subsequent release. Includes assisting personnel with project documentation and web site development as needed.
Cyber Data Analysis Tasks: The contractor analyzes Suspicious Event Reports (SER) to determine the impact and effect on customer's networks and systems, and provides details on possible actions and alternatives to resolve problems, issues, attacks, and intrusions.
Develop a weekly Cyber Activity Report focused on customer's networks; the report will include intelligence that directly and indirectly affects customer's networks and operations from both red and blue team perspectives.
Intrusion Detection. Examine logs and information gained from network sniffers or protocol analyzers to determine if possible outside or unauthorized access has occurred. Track and record possible intrusion or security breach from routine daily analysis to successful anomaly/intrusion identification, which includes writing detailed analysis for possible legal use. Function as government subject matter security expert for any legal actions associated with security breaches.
Vulnerability Assessment Task. Use vulnerability assessment reports to analyze networks and operating systems to determine security weaknesses and shortfalls. Research and provide detailed fix actions for all identified vulnerabilities. Coordinate with other computer emergency response teams (CERT) to ensure latest known vulnerabilities are properly identified and corrected. Make recommendations for changes in security policy based on vulnerability assessments.
Maintain a standard set of published network architectural diagrams; establish and coordinate periodic reviews and publishing to keep information accurate for use by Network Engineers and Helpdesk Technicians. Ensure Enterprise and Site network architecture drawings and diagrams are up to date and accurate. Establish and maintain a web page to provide deployed sites up/download access for site-specific drawings and diagrams.
Develop logic flow charts for Enterprise processes utilized by the NOSC and deployed sites. Provide standardized written procedures and/or checklists associated with common tasks and procedures.
Document, create, maintain, and track network accreditation packages throughout their life cycle for local and deployed networks. Visit each site annually or sooner if required to maintain site network accreditation. Work with the Web Design Engineer and Programmer to provide access to the accreditation documentation using standard NOSC web page design practices.
Bachelor's and nine (9) years or more experience; Master's and seven (7) years or more experience; PhD or JD and four (4) years or more experience.
At least 4 years' experience managing technology modernization projects.
Experience coordinating multiple vendors and cross-functional technology and infrastructure projects simultaneously.
In addition, the following certifications and skills are required: CISSP
ITIL 4 Foundation certification or any ITIL v3 Intermediate certification. Any equivalent IAT-III certification, Unix, MCSA, Firewall, Network+ CE, and ITIL Foundation.