Senior Cybersecurity Assessment Team Lead

Description

• Lead and manage a team of security professionals to conduct cyber security assessments on Information Technology and Operational Technology.
• Develop and implement effective security assessment strategies and methodologies.
• Engage in all phases of planning, development, programming, and execution of the cybersecurity assessment program.
• Provide formal audit and inspection expertise in accordance with national cybersecurity requirements and industry related best practices.
• Support all assessment types according to the target scope, including scheduling and coordination activities in accordance with the organization's policies and procedures, managing data call information, drafting of technical rules of engagement, completing assessment plans, and planning onsite validation logistics prior to the assessment.
• Prepare for all assessments as scheduled, interview personnel, test controls, and physically examine IT/OT systems, applications, components, and related security artifacts.
• Document findings and deficiencies to requirement non-compliance, offer recommendations for improvement, and denote best practices as defined in approved assessment plans, processes, and procedures.
• Analyze assessment results, and support daily and final briefings during assessments.
• Correlate, conduct trend analysis, and prepare audience appropriate comprehensive reports on key assessment findings.
• Stay abreast of the latest cyber security threats, trends, and technologies to enhance assessment capabilities.

• Expert in leading and managing cyber assessment teams in the execution of cybersecurity assessments in both Information Technology and Operational Technology fields.
• Possess a strong level of technical and program knowledge.
• Demonstrate expert ability in research, writing, and communication of technical cybersecurity topics.
• Demonstrate professional, effective, and factual assessment analysis and reporting.
• Demonstrate and utilize expert knowledge in the review of technical and programmatic cybersecurity protections as documented in NIST SP 800-53 and the Committee on National Security Systems Instruction 1253.
• Understand NIST and organizational implementations of risk management processes; cybersecurity threat and vulnerability identification and analysis; and the ability to quantify and qualify impact and risk posed to the confidentiality, integrity, and availability of government information and operational technology systems, applications, and information under assessment.
• Demonstrate sufficient knowledge in other security disciplines such as information security, technical security (i.e., Protected Distribution Systems, TEMPEST, and Wireless Security), communications security, operations security, and physical security to assess related cybersecurity protection measures.

• Education Requirement: Bachelor's degree in Cyber Security, Information Technology, or related field
• Can Additional Years of Experience Substitute for Degree?No
• Required Certification(s):CISSP, or other combination of program and technical certifications to satisfy requirements for both DoD 8570 Information Assurance Technical III and Information Assurance Management III categories
• Minimum Years of Overall Experience:15+
• Minimum Years of Specific Experience in Field:10
• Minimum Clearance to Start:Top Secret
• Work Status Allowable:US Citizen

• You exhibit desire for continuous improvement and curiosity within the cybersecurity field, keeping up with the latest industry trends and available training.
• You have high attention to detail.
• You possess excellent communication, time management, and organization skills.
• You demonstrate professionalism beyond reproach for themselves.
• You possess expert writing and presentation skills, and demonstrate professional, effective, and factual assessment reporting.