Client is seeking a highly motivated team member to fill the role of Cybersecurity SME. As Cybersecurity SME, you will be responsible for IT security solutions, incident response, vulnerability assessments/remediation and security standards for our client. Additionally, you will lead security architectural designs, with a focus on network and event management to (1) ensure adequate security solutions are in place throughout all IT systems and platforms, (2) mitigate identified risks sufficiently, and (3) meet business objectives and regulatory requirements. The ideal candidate has proven leadership, technical, and communications skills with an extensive background in cybersecurity.
- Provide Subject Matter Expertise across IT and business partners.
- Play a lead role in technology and security investigatory exercises related to Architecture. Participate in Platform audits of both business process and technology
- Govern, advise and drive security architecture during project delivery.
- Recommend improvements in security implementation and design while enforcing the use of existing solutions.
- Responsible for bringing together key security and risk stakeholders to develop and review enterprise IT security and risk strategies.
- Assist in drafting and proposing company-wide IT security strategy and action plans based on security risk and analysis based on potential and emerging threats to the business.
- Develops and directs technical teams in the investigation and resolution of complex security problems.
- Recommend actions in support of the company's wider risk management program.
- Management of technologies to support information and security requirements as team builds and supports security systems and infrastructure.
Technical Program Management and Delivery
- Strong knowledge and experience in various IT verticals, such as www, networking, OS systems, identity management, privacy, etc.
- Develop short and long-term security value and project objectives that align with business goals and create justification to executive management.
- Understand how to deliver security to the business often, early, and in rapid succession mapping security projects to direct business value in repeat and iterative cycles via Agile methodology.
- Deep knowledge on how to provide transparency and measurement to security initiative and projects at all times, via tooling, process, and dashboard reporting
- Oversee multiple project timelines, deliverable and information requests for all functions within IT Security Initiatives.
Capture and Customer Engagement:
- Engage customers to understand critical needs, socialize and vet solutions, and advise on strategies to shape acquisitions that achieve desired results
- Create innovative and differentiating technical solutions and approaches to address customer hot buttons and requirements
- Contribute to teaming strategies including identifying candidate offering and tool vendors
- Develop cost strategies, BOEs and associated rationale
- Author key proposal technical sections and orals slides including graphic concepts. Must be a strong proposal support writer.
- Review proposals and provide critical feedback needed to strengthen our solution and story
- Support development of differentiated Cyber offerings that include tool integration frameworks, maturity models and innovative delivery approaches
- Create graphics, white papers and marketing materials that demonstrate a clear and distinct value proposition
- BA/BS Computer Science, or relevant field OR 10+ years of IT work experience.
- 6+ years practical experience designing and implementing enterprise IT security, specifically around network security, security event management, incident response, and vulnerability assessments.
- Federal proposal experience, specifically leading technical volumes or authoring technical sections
- Ability to effectively engage prospective customers to build trust and relationships, clearly communicate solutions, and influence action
- Excellent writing skills and the ability to create compliant and compelling narrative that best presents Client’s solutions and approaches within the government’s requirements and evaluation criteria (note: this position requires a writing assessment during the interview process)
- Experience developing conceptual graphics that clearly communicate approach topics
- Experience with design, implementation, and operation of enterprise vulnerability management systems, SIEMs, logging.
- Experience in security process and enterprise organizational design and security specific architecture methodologies, including application security
- Strong demonstrated knowledge of technologies including network, server, desktop, storage, and how security relates to the overall IT environment.
- Strong conceptual thinking and communication skills - the ability to conceptualize complex business and technical requirements into comprehensible models and templates
- Excellent written and verbal communications skills with the ability to communicate security and risk-related concepts to technical and non-technical audiences.
- Strong business analysis skills, problem solving techniques, and follow-up.
- Advanced knowledge in information security forensic analysis methodologies
- Team-oriented, with the ability to interface effectively with a broad range of people and roles, including vendors and IT and business personnel
- CISSP (Certified Information System Security Professional) or equivalent
- Certification and/or Expert experience in a major operating system: Windows, Linux/Unix (any flavor), Mac OSX.
- Expert knowledge in Perl, Python, Powershell, and Java.
- Expert knowledge in breath of security products and tooling.