Job Description:

  • Ensure compliance with security policies such as CJIS throughout the design and build phases.
  • Engage in working sessions with the ESINET, GIS and L&R vendors on detailed designs and provide input to their proposed solutions.
  • Provide next-generation firewall (NGFW) architecture designs and configurations.
  • Provide expert Information Security firewall architecture vision, leadership, analytical guidance/process and security controls.
  • Implement cutting-edge enterprise security solutions such as NGFW infrastructure; DNS/DNSSEC; enterprise MFA; and Data Loss Prevention (DLP) technology.
  • Manage the internal Security Solutioning & BOM process from Intake to implementation.
  • Evaluate the overall solution to ensure it is CJIS compliant.
  • Research, evaluate, test, and recommend the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment.
  • Provide technical expertise and guidance for the deployment of security tools.

Required Skills

  • At least 12 years of IT security experience of which a minimum of three years must be in a senior position.
  • Determining and implementing cybersecurity and privacy principles to organizational requirements.
  • Strong background in documenting and assessing NIST 800-53 and CJIS controls.
  • Experience developing incident response processes and procedures with internal and external stakeholders.
  • Knowledge of processes for seizing and preserving digital evidence.
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
  • Knowledge of system and application security threats and vulnerabilities.
  • BS/BA undergraduate degree.

Desired Skills

  • Experience building defensible security architectures for operational technology with a focus in cloud security best practices
  • Experience with defining, establishing and directing techniques for detecting host and network-based intrusions using intrusion detection technologies
  • Writing business/process documentation, developing models and graphics and making oral presentations to senior officials
  • Overseeing and interfacing directly with agency and interagency leaders during cyber incidents.
  • Assessing and providing strategic direction for resolution of mission-critical problems, policies, and procedures.
  • Knowledge of NIST’s Cybersecurity Framework (CSF) with a focus on response and recover control families.
  • Experience developing disaster recovery and continuity of operations policies, plans, and procedures.
  • Strong understanding of vulnerability scanning solutions, and the ability to clearly document the associated risks and remediation timelines.
  • Knowledge of malware with virtual machine detection.
  • Knowledge of anti-forensics tactics, techniques, and procedures.
  • Knowledge of legal governance related to admissibility (e.g. Rules of Evidence).
  • Knowledge of types of digital forensics data and how to recognize them.
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • Knowledge of applicable laws and statutes (e.g., Titles 10, 18, 32, 50 of the U.S. Code).
  • Knowledge of malware analysis tools (e.g., OllyDbg, IDA Pro).
  • Knowledge of DDoS appliances such as NetScout Arbor, Fortinet FortiGate.
  • Knowledge of Insider Threat investigations, reporting, investigative tools and laws/regulations
  • Valid CISSP Certification
             
