Job Description
Responsibilities:
Lead a team as the SAFE Proxy Product Owner for the security countermeasures supporting SOC/CIRT operations
Work with the team to generate functional metrics for performance of security system and SIEM tuning
Coordinate across teams and the contract to resolve issues with security systems and to enable the countermeasures team members to focus on their roles
Supervise countermeasure implementation, integration, and tuning support for detection, response, mitigation, and reporting of cyber threats affecting customer networks
Review reports and briefs to provide an accurate depiction of the current threat landscape and associated risk
Collect information and system updates from team members, update the required presentations, and present the status on behalf of the team
Possess strong leadership and project management skills, and familiarity with scaled agile framework or agile concepts
Understanding of Kanban methodology and Agile terms and terminology. Strong written and verbal communication skills to coordinate with team members and management and explain technical issues
Analytical and problem-solving skills to handle any issues that occur during the project lifecycle
Organization and time management skills to keep projects on track and within budget.
Excellent resource planning and task scheduling skills
Required Skills:
U.S. Citizenship
Active Secret (S) clearance. Must be able to obtain a TS/SCI clearance
Must be able to obtain DHS Suitability
10+ years directly relevant experience
Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
Proficiency with MS O365 suite; Power Apps development a plus
Desired Skills:
Experience as a detection analyst, threat hunter, or incident responder in a CIRT/SOC
Experience supporting DHS, Federal Civil, Intelligence and/or DoD Customers
Experience with Scaled Agile Framework, JIRA, and Kanban methodologies for managing projects
Prior experience with data visualization products such as Analyst Notebook is desired
Prior experience with Splunk
Required Education:
Bachelor's degree in Information Security, Cyber Engineering or a related discipline is required [Twelve (12) years of experience (for a total of twenty-two (22) or more years) may be substituted for a degree.]
Desired Certifications:
DoD 8570.1-M Compliance at IAT/IAM Level II (e.g., Certified Information Systems Security Professional (CISSP))
Cisco Certified Network Professional (CCNP), Cisco Certified Security Professional (CCSP)
Project Management Professional
Scaled Agile Framework (SAFE)
Splunk Certifications (Splunk Certified Cybersecurity Defense Analyst, Splunk Enterprise Security Certified Admin)
Incident Response Certification (GCIH)