Essential Job Functions

• Leads cybersecurity investigations within the Computer Security Incident Response Team (CSIRT).
• Document and present investigation findings.
• Work with internal and external partners, including law enforcement, to conduct investigations,
• Follow applicable local, Federal, and State guidance, regulations, and laws in conducting investigations.
• Develops technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines. Implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications.
• Performs product evaluations, recommends and implements products/services for network security. Validates and tests security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies.
• Analyzes outputs and logs from firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.
• Reviews and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security.
• Provides enforcement of security directives, orders, standards, plans and procedures at server sites.
• Maintains data and communicates to management the impact on business/customer caused by theft, destruction, alteration or denial of access to information.

Basic Qualifications

• Bachelor’s degree or equivalent combination of education and experience
• Bachelor’s degree in cybersecurity, computer science, or related field preferred
• Six or more years of experience in network, host, data and/or application security in multiple operating system environments
• Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
• Experience working with internet, web, application and network security techniques
• Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
• Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
• Experience working with federal regulations related to information security (FISMA, Computer security Act, HIPAA, etc.)
• Experience working with NIST Special Publications and C & A process methodology
• Possess security certifications (CISSP, CCNA, etc).

Other Qualifications

• Good communication skills
• Good analytical and problem solving skills to troubleshoot and resolve network/operating system security issues
• Ability to perform and interpret vulnerability assessments
• Ability to administer the operations of a security infrastructure
• Ability to balance and prioritize work

Work Environment

• Office environment
• May require shift work
• May require weekend work