• Job Description

  Req#: 25-33161
  
  Job Description:
  
  Responsibilities:
  • Proven experience in cybersecurity operations with hands-on expertise in monitoring and managing multiple security tools, including vulnerability scanning platforms such as Tenable (Nessus, Tenable.Client, or Tenable.io).
  • Continuously monitor security tools and systems (e.g., SIEM, IDS/IPS, CrowdStrike EDR, DLP, Tenable vulnerability scanners) to detect, investigate, and respond to potential threats in real time.
  • Maintain and oversee the CrowdStrike platform, ensuring proper configuration, alert triage, threat hunting, and endpoint coverage across the organization.
  • Analyze data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations.
  • Interact at multiple levels of the organization to establish and maintain a strong and adaptive security posture that aligns with organizational risk tolerance, information access requirements, business strategies, and compliance requirements.
  • Integrate overarching security frameworks across multiple, complex disciplines in support of the business needs of the Agency to provide customer-focused technology solutions in a secure, cost-effective, and efficient manner.
  • Strong knowledge of system administration, including configuration, hardening, patch management, and monitoring of Windows and Linux servers.
  • Coordinate and oversee the production of evidence to support internal and external audits.
  • Identify risks, vulnerabilities, and compliance shortcomings; and recommend/develop security measures, policies, and controls for risk/vulnerability mitigation and remediation of compliance findings.
  • Ensure periodic monitoring of audit logs occurs in accordance with requirements, and report findings and concerns for further analysis and/or action, including breach notification and initiation of incident response, in accordance with Agency protocols/procedures and CISO direction/guidance.
  • Work with developers to plan, implement, manage, and coordinate appropriate security measures for information systems/applications that control access to data, and prevent unauthorized modification, destruction, or disclosure of information in accordance with federal, state, local, and agency requirements, policies, and directives.
  • Prepare and/or update Plan of Actions & Milestones (POA&M) that identify security weaknesses and establish milestones and compensating controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation.
  • Serve as a Subject Matter Expert (SME), advising on current best practice and strategies for the protection, auditing, and monitoring of data, data storage, and transmission paths.
  • Work with business owners, IT managers, staff, and vendors to provide timely and efficient coordination of information assurance/security services to meet Agency needs.
  • Prepare and communicate status of Agency information security programs and projects to senior executives through oral and written reports and presentations.
  • Assist with information security awareness training activities and preparation of awareness training materials.
  • Develop and communicate security metrics to assess effectiveness of, and compliance with, the Agency’s InfoSec policies and controls.
  • Performs other professional responsibilities as assigned.
  Qualifications:
  • Bachelor's degree in information technology, computer science, information assurance, or a related field from an accredited college or university AND Five years of information technology experience, One year of which in information security or information assurance.
  • An equivalent combination of education and job specific experience that provided the knowledge, experience and competencies required to successfully perform the job at the level listed may be substituted on a year-over-year basis.
  Desired Skills/Qualifications:
  • Certified Information Systems Security Professional (CISSP).
  • Certified Information Security Manager (CISM).
  • Certified Information Systems Auditor (CISA).
  • Demonstrated professional experience developing and communicating an information security strategy and aligning projects, initiatives, and resources to execute against the strategy.
  
  

• About the company

  We are a team of technical visionaries who joined forces to form a company that would gather the best and brightest talent in the world. The company uses this talent to help other organizations fulfill their technological dreams and goals and make them a reality. Welcome to Cynet Systems Inc. – a premier staffing and recruiting company – a nationally and locally certified diversity firm.

Notice