Vacancy expired!
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.
The Lead Cyber Security Engineer will serve as the principal technical advisor and subject matter expert for the Cyber Security Tools Engineering Support Function services. The Senior Engineer shall be an expert in the engineering design, development, direction, and implementation of enterprise network cyber defense capabilities to prevent sophisticated cyber threats and vulnerabilities, or detect when prevention fails. The Senior Engineer shall understand the fundamentals of layered defense and zero trust technologies and processes. The Senior Engineer shall understand the lifecycle of network threats, attack vectors and methods of exploitation. The Senior Engineer shall have specialized knowledge in computer network theory and understand IT standards and Cyber Security Tools architectures including but not limited to the OSI model, and the methods of exploiting those standards. The Senior Engineer shall be familiar with the utilization, configuration, and implementation of industry standard cyber defense capabilities including but not limited to web content filters, email security capabilities, IDS, IPS, HBSS, SIEM, DNS security practices, advanced log analysis, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, anti-virus capabilities, Linux/UNIX command line, and access control lists. The successful candidate will have the ability to provide daily direction and manage a fast-paced, high ops tempo environment.
The candidate will have the ability to communicate customers' requirements needed to secure, protect, and defend an enterprise network environment. This position is contingent upon successful contract award. It may or may not be performed at a client site in a classified setting. The successful candidate must be willing to go onsite when required.
What You Will Do:
- Oversee multiple teams that provide daily operational support for various types of cybersecurity technologies and related devices to include installing, troubleshooting, modifying, and testing.
- Lead organizational projects to drive the integration of new cybersecurity capabilities to include building test networks, system prototypes, performing equipment set-up, testing, and participating in test report writing.
- Develop and facilitate attack programs to verify security assurance and identify cybersecurity weakness within the enterprise.
- Gather and organize technical information about an organization's missions, goals, and requirements, existing security products, and ongoing programs in the IA arena.
- Perform a variety of routine project tasks applied to specialized technology problems.
- Lead the integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to IA requirements.
- Lead security assessments, security consulting services, the analysis of information security requirements, and the certification process for the accreditations of systems.
- Manage vulnerability analysis and assessments using either government or commercial off-the-shelf technologies.
- Brief senior leadership on a recurring basis to include the status of current organizational projects and drive the long term cybersecurity vision for the organization.
- Master's degree with 6+ years of experience or bachelor's degree and 8 years of experience in a relevant field related to IT, Cybersecurity, Engineering, or Management.
- 3 years of experience supporting cybersecurity or Information Security programs (e.g. Cybersecurity Infrastructure, SOC Operations, or operational Information Assurance).
- DoD 8570 IAT level II certification and CSSP Infrastructure Support certification required.
- Ability to manage a large team of technical people while providing technical direction.
- Demonstrated exceptional leadership, communication, time management, facilitation, and organizational skills.
- Technical understanding of Network Security (Firewall, IPS, Web Gateway, Mail Gateway, Malware Detection, Traffic Agg, Break & Inspect Services, PCAP Services, Netflow Services) and knowledge of managing enterprise requirements.
- Technical understanding of Data Analytics (SIEM, Log Aggregation, EUBA) and knowledge of software development lifecycle to include managing weekly requirements requests.
- Technical understanding of End Point Security (HBSS and EDR) and knowledge of managing enterprise requirements.
- Understanding of Risk Security Services (Threat Emulation, Network Mapping, Vulnerability Management, Threat Intelligence) and managing data inputs and metric reporting to Sr. Leadership.
- Familiar with NIST 800-53 and the DoD ATO process
- Familiar with JFHQ-DoDIN Orders and Directives (Cyber Task Order, TASKORD, EXORD, WARNORD, OPORD, GENADMIN, FRAGORD, SIGACT) and managing reporting of data points to JFHQ-DoDIN and IC-SCC
- Familiar with Performance Evaluation Services (SOC-CMM, Quality Assurance, and other KPIs) to include creation of KPIs based upon Cyber Maturity and deployment of Business Intelligence dashboards as required
- Familiar with Audit Support Services (CCRI, CCORI, FISAM, CSSP) to include managing audit requirements across the enterprise
- Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
- 100% employer-paid medical and dental premiums with generous employer family contributions
- 11 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Insurance