ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a motivated security professional to oversee Information Technology (IT) Security and Security Operations Center activities for a federal customer with an international mission. The candidate will work closely with the agency Information Technology personnel to provide situational awareness and recommendations related to the overall security posture for the organization. This is a unique opportunity to lead projects and shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.
Roles and Responsibilities
- Responsible for monitoring and maintaining the security of the USAID operating environment and advising the ITO on security concepts and controls to ensure compliance with Federal regulations and USAID policies
- Manage all IT Security and SOC team members responsible for operations and maintenance (O&M) of a diverse portfolio of tools and processes, as well as a 24/7/365 global monitoring capability.
- Provide oversight and management of the Security Operations Center (SOC), including SOC management and SOP development and maintenance
- Support security incident response including security incident detection and analysis, containment and eradication of security incidents and classified spills, and forensic security activities.
- Responsible for oversight of all security engineering activities related to the overall security infrastructure, platform and application security across the Agency’s network, to include security review of all proposed configuration changes.
- Provide rapid response support in an increased operational tempo environment.
- Perform and support, depending on the situation, Incident Management activities in response to operational and security events.
- Serve in an advisory capacity for security governance, risk, and compliance to the client office including providing situational awareness on FISMA activities.
- Manage, track and report on Security Assessment and Authorization (SA&A) technical support processes to continuous monitoring activities in accordance with NIST and FISMA requirements and guidelines
- Responsible for vulnerability and audit management activities, such as maintenance of vulnerability management tools and processes, tracking POA&Ms, technical patching support, SLA reporting and oversight body (OMB, GAO, DHS, etc.) response support
- Responsible for timely delivery of all required contract related deliverables
- 10 years of relevant security experience
- Strong written and verbal communication skills with demonstrated ability to communicate effectively to contract and customer leadership
- Demonstrated experience leading IT Security activities related to the roles and responsibilities listed above in an elevated operational tempo environment.
- Demonstrated leadership experience in a SOC environment, to include staffing 24/7/365 analyst capabilities, SIEM dashboard development and overall monitoring effectiveness and efficiency
- Strong technical understanding of security monitoring methodologies and solutions with an ability to advise customer on technical options for satisfying agency requirements.
- FISMA, NIST, FICAM policy knowledge
- Knowledge and understanding of malware and host-based protection methodologies
- Experience managing vulnerability management and remediation activities
- Must be able to think critically, manage time and competing priorities
- Experience managing/configuring technologies such as: FireEye (HX/CM/NX/ETP), McAfee (AC/PA/ePO), MSFT Active Directory (AD), Entrust IdG, CyberArk, SailPoint, ForeScout CounterACT, Splunk, Tenable/Nessus, TGS AppScanner, Cisco IPS, Palo Alto NGFW and Cisco Wireless detection and management platforms
- Experience managing classified data spillages in a Federal environment
- Enterprise account management (AD and Entrust)
- Strong security and privacy incident response management experience and capability
- Strong reporting and trend analysis capabilities
- Required: Bachelor’s Degree with 4 additional years of experience; or Associates Degree with 8 additional years of experience; or HS Diploma with 12 additional years of experience may be substituted
- Preferred: Master’s Degree in Computer Science, Information Technology Management, Security, Business, or other technology- or security-specific discipline
- Certified Information Systems Security Professional (CISSP) and/or CISM, GSLC
- Washington, D.C.
- Secret clearance required