Sr. Cyber/Cloud Security Specialist

Overview

GovCIO is currently hiring for a Sr. Cyber/Cloud Security Specialist to serve as Lead Information Technology Specialist (INFOSEC) and Cybersecurity Operations (SECOPS). This position will be hybrid, mostly remote with occasional onsite time as needed (hybrid) at EEOC HQ in Washington, DC.

Responsibilities

• Serve as Lead Information Technology Specialist (INFOSEC), Cybersecurity Operations (SECOPS) responsible for contributing to the Agency's IT Security Program, directs SECOPS, coordinates, and maintains inputs to EEOC's IT Security Program.
• Advise and support the Chief Information Security Officer (CISO) on developments in Cybersecurity (CS), Information Security (INFOSEC) and IT Security emerging technical threat vectors, advanced persistent threats (APT), attack surface or weaknesses.
• Advise Agency-level technical implementation or introduction of policy and orders, proactively developing supporting documentation and drafts for implementation.
• Direct the Commission's Cybersecurity Operations (SECOPS) cell, influences a range of the EEOC's operations, many of which have a direct and corresponding impact to the mission of the EEOC and its' critical infrastructure.
• Enables and administrates incident handling (IH) and response (IR), security incident and event management (SIEM) dashboards, inputs, "playbooks" and metrics to achieve efficiency.
• Facilitates, coordinates, and administers EEOC's Cybersecurity Operations (SECOPS) in support of the Information Security (INFOSEC) Program, and aids Agency Information system security program officers. Ensures accurate and timely status reporting of SOC efficiency metrics and recommends necessary adjustments.
• Advising authority for threat, vulnerability, and configuration management; conveys threat product recommendations to EEOC staff and customers; and provides expertise and insight to OIT for industry attack trends, mitigations, and active defenses.

Qualifications

Bachelor's degree in Cybersecurity, Information Assurance or Information Security with 12+ years (or commensurate experience)

Required Skills and Experience

• Ability to guide discussions, support CISO decisions with or without team support and effectuate positive cybersecurity changes at varying levels - users, developers, system admins, Directors, Managers and Executives where necessary. Typically, engagement is related to varying levels of technical system owner and "SOC" staff. Demonstrated experience as a SOC lead or Senior Team successfully engaging with managed security service providers (MSSP), Joint Cybersecurity external entities (e.g., CISA, CYBERCOM) on incident response (IR), weakness, incident handling (IH) and vulnerability management (VM), including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Documented applied theory as SOC Manager or Team lead conducting and guiding in-depth evaluations of current INFOSEC/IT Security/Cybersecurity tactics, technics, and procedures, to include their effect on baseline configurations.
• Demonstrated proficiency as a SOC manager or Senior Team lead providing cybersecurity hygiene and posture status, support debriefings and input in support of Governance, Risk, and Compliance (GRC) activities, and ongoing evolutions.
• Provide network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Demonstrated experience as a SOC manager or Senior Team lead with expertise conducting and guide log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources.
• Security implementation techniques and strategies in web services. Solid understanding of securing web technology, Microsoft cloud (e.g., Azure, M365, etc.) security knowledge and demonstrable abilities.
• Skilled security evaluation of complex web portals (e.g., Java, APIs, Ruby,; databases (i.e., SQL , Oracle) using commercial or open-source tools such as SQLmap, mongoaudit, etc.
• Near Expert Web Application Attack and Audit Frameworks to include Security evaluation of applications and websites using commercial or open tools NMAP, W3af, etc.
• Near Expert execution of a continuous monitoring and remediation program using commercial or open tools (i.e., Azure Security Center, Defender for Cloud, NMAP, Wireshark, Qualys)
• Near Expert execution of an end-point detection and response (EDR) remediation program using commercial or open tools (i.e., HBSS, SEP, Defender)
• Near Expert knowledge of and experience coordinating security operation center (SOC) principles, incident handling (IH), incident response (IR) as well as exploitation tactics, techniques, and procedures (TTP).
• Facilitate the adoption of security best practices with functional teams (i.e., developers, database administrators, web application administrators) using technical knowledge and interpersonal skills.

Clearance Required: Must be able to acquire an EEOC Public Trust

Preferred Skills and Experience

• Most Desirable Certification(s): CISSP, OSCP, GCIH, GPEN, GSEC, GSNA, GAWN, GCIA, GSE, GWEB, GPPN, GCED, GCID, CCSP, GCWN

Company Overview

GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.

But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?

What You Can Expect

Interview & Hiring Process

If you are selected to move forward through the process, here's what you can expect:

• During the Interview Process
• Virtual video interview conducted via video with the hiring manager and/or team
• Camera must be on
• A valid photo ID must be presented during each interview

• During the Hiring Process
• Enhanced Biometrics ID verification screening
• Background check, to include:
• Criminal history (past 7 years)
• Verification of your highest level of education
• Verification of your employment history (past 7 years), based on information provided in your application

Employee Perks

At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including:

• Employee Assistance Program (EAP)
• Corporate Discounts
• Learning & Development platform, to include certification preparation content
• Training, Education and Certification Assistance*
• Referral Bonus Program
• Internal Mobility Program
• Pet Insurance
• Flexible Work Environment

*Available to full-time employees

Our employees' unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.

Posted Pay Range

The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an "at-will position" and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.

Posted Salary Range

USD $185,000.00 - USD $200,000.00 /Yr.