Responsibilities

• Conducts security control tests of design and operational effectiveness
• Manages remediation tasks to completion on tight deadlines
• Leads analysis and remediation of findings discovered during scheduled internal and third-party vulnerability scans and penetration tests.
• Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met.
• Handles special projects and initiatives as assigned.
• Provide relevant analysis, suggest mitigations, track remediation, manage scheduled scans, identify gaps, and expand scan coverage and escalate as appropriate.
• Recommend new security solutions as well as effective improvements to existing security controls that do not negatively impact business innovations.
• Conduct cyber security risk assessments and serves as a liaison for the security team.
• Assist in incident response (IR) with security operations center (SOC) and/or IT teams.
• Creates security operation controls, playbooks, procedures, and guidelines.
• Participates in planning sessions to ensure security and compliance requirements are met.
• Stays current on best practices, current trends, and pertinent changes in internal/external threats and opportunities in a timely and anticipatory manner.  Advises management on key findings.
• Performs all other duties and special projects as assigned.

Qualifications

• Bachelor’s degree in a related field, plus 10 years of work experience, or equivalent combination of education and experience
• Professional security certifications (CySA+, Security+, CISSP, CCSP, CISM, CISA, AWS Certified Security Specialty) or willingness to obtain certification.
• Working knowledge of AWS Security tools, their functionality and purpose.
• Strong working knowledge of cloud security concepts and services such as Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS)
• Strong familiarity of fundamental and operational concepts in information security, including network security, encryption, authentication, and incident response.
• Experience with common security technologies and tools, such as firewalls, intrusion detection/prevention systems, SIEM platforms, and endpoint security solutions.
• Demonstrated use of security frameworks and standards such as NIST SP 800-53, CIS Critical Security Controls, OWASP, MITRE ATT&CK, and ISO27001.
• Strong experience assessing and providing recommendations on the following: Privacy Impact Assessment, Risk Assessment, System Security Plan, Disaster Recovery / Contingency Plan, and Incident Response Plan. 
• Provide Plan of Action and Milestones (POA&M) support to ensure mitigations are completed or the teams are working to mitigate all vulnerabilities in a timely fashion and within customer policy timelines.
• Experience with Government Agency Security Assessment Process in support of maintaining and/or establishing an ATO and the appropriate security boundary.
• Strong knowledge of the Systems Development Life Cycle (SDLC) and its application in the development of technology solutions.
• Must be able to obtain Public Trust clearance.

Nice to Have

• Familiarity with working with Drupal
• Strong working knowledge of networking protocols, TCP/IP, and operating systems (Windows, Linux).
• Familiarity with applying scripting languages into security operations procedures and investigations (examples in Python or PowerShell).