• Compliance and Risk Management: Ensure internal and client compliance with NIST SP 800-171, CMMC, and DFARS 252.###-#### requirements. Conduct regular risk assessments and audits to identify and mitigate vulnerabilities.
• Continuous Cybersecurity Monitoring and Analysis: Provide 24/7 monitoring and analysis services for both internal systems and client networks, using advanced tools to detect and respond to incidents in real-time.
• Email Security Management: Manage email security for the organization and its clients by setting email/domain exemptions, blocking malicious activities, and responding to social engineering attempts.
• Threat Intelligence and Incident Response: Conduct threat intelligence analysis and incident response, correlating actionable security events and triaging alerts to identify and mitigate threats.
• Incident Reporting: Lead detection, response, and mitigation of security incidents, ensuring thorough documentation and reporting in accordance with federal regulations and organizational policies.
• Data Analysis and Reporting: Perform extensive log analysis and report on true and false positives to provide clear security status updates to internal stakeholders and clients.
• Tool and Security Operations Management: Oversee and manage tools within the Security Operations Center (SOC), including SIEM, email security systems, and endpoint protection, ensuring optimal configuration and management for both the organization and its clients.
• Client Communication and Policy Compliance: Maintain clear communication with clients, explaining technical issues and solutions clearly and adhering to escalation procedures while demonstrating excellent customer service.
• Professional Development and Mentorship: Participate in and facilitate continuous education and training, and mentor junior cybersecurity staff and interns, enhancing team skills and knowledge.
• Operational Flexibility and Leadership: Show adaptability in shift and task assignments, and provide leadership in maintaining strict security protocols and procedures across all operations.
• Policy Development: Assist in the development and updating of cybersecurity policies and procedures to bolster security posture and ensure compliance with evolving regulations for both the organization and its clients.
• Training and Awareness: Conduct cybersecurity training sessions to elevate awareness of cybersecurity best practices among staff, fostering a proactive security culture within the organization and among clients.

• United States Citizenship required.
• Bachelor's degree in cybersecurity or related field, or certification, or equivalent work or military experience.
• CompTIA Security+, or any relevant GIAC certifications
• Deep knowledge of federal cybersecurity regulations and standards such as NIST SP 800-171, CMMC, and DFARS 252.###-####.
• Experience with security incident response plans, business interruption response plans, ability to research internal or managed cyber security platforms that integrate with the customers infrastructure.
• Familiar with current cyber threats, including phishing and ransomware attacks.
• Knowledgeable in the ability to upgrade systems network security, compliance standards, and data storage and back up methods.
• Possess familiarity in Windows, Linux, Mac, Google cloud platform, Microsoft Entra (Azure) and AWS.
• Demonstrate strong knowledge of endpoint operating systems, network hardware and software systems.
• Proficiency with authentication mechanism as well as access management fundamentals.

• Master's degree in cybersecurity
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• Experience with technologies to mitigate vulnerabilities.

• The salary range for this role is $75,000-$90,000, commensurate with experience
• A competitive salary and benefits package
• Generous PTO and flexible schedule
• Hybrid work schedule
• Professional growth encouragement and support

Powered by JazzHR