About the Role
The position requires the ability to provide guidance on how to architect/design, leverage, and operate, various operational platforms, including Identity, Credential, Access Management (ICAM), Security Information and Event Management, and Security Orchestration, Automation & Response (SIEM/SOAR), and Privileged Access Management solutions as well as be a catalyst to accelerate capabilities for an integrated Zero Trust future. In addition, responsibilities will include partnering with infrastructure stakeholders to build roadmaps and strategies to transition Agency’s networks, computing, storage, applications/services/workloads, and security services to an Enterprise Zero Trust architecture.
• Own the strategy and delivery of our enterprise-wide adoption of, various operational platforms as essential enablers for Zero Trust.
• Establish and refine customer capabilities, best practices, and adoption roadmap for Zero Trust to protect critical resources.
• Collaborate with infrastructure leaders to build security roadmaps for network, compute, and storage.
• Drive alignment to, and adoption of, industry leading technologies and standards.
• Collaborate with IT solution teams to integrate Zero Trust capabilities and solutions that improve agency security posture.
• Enable the success of application operations as new Zero Trust based security frameworks are adopted.
• Build talent of forward-thinking engineers who will be responsible for the full lifecycle of services from design, build, introduction, and retirement/refresh of technologies that make up our security portfolio.
• Bring Network/Enterprise Security Architecture skills to addressing Zero Trust capability architecture and implementation.
• Bring crafting/authoring policy and directive experience to integrate federal government requirements and directives into agency policies and directives.
• Bring governance experience toward constructing oversight bodies, and designing, testing, and implementing automated operational polices.
• Experience creating/crafting/designing cybersecurity and IT metrics.
Requirements
Familiar with the management, operational, and technical aspects of IT Security in a complex enterprise environment. Additional experience in cyber risk management and assessments will be considered.
Experience with in-depth analysis of Zero Trust Capabilities, Infrastructures and Architecture.
Preferred Qualifications:
Typically requires BS degree with 12 to 15 years of prior relevant experience to operate within the scope contemplated by the level.
5 years of team and/or operational leadership experience.
5 years experience in USG cyber risk management, assessments and authorization (A&A), certification & accreditation (C&A) and using NIST Special Publications (SP) (e.g.: SP800-30, SP800-37, SP800-53, etc.)
5 years experience in designing and engineering enterprise IT solutions within the USG using NIST SP (e.g.: SP800-60, SP800-64, SP800-80, SP800-122, SP800-137, SP800-146, SP800-160, SP800-204, SP800-207, SP800-213, etc.)
Current Certified Information Systems Security Professional (CISSP) certification.
Education
Bachelors’ degree in Computer Science, Engineering, Information Technology, Cyber Security, or related field and 6 years of related experience. Additional years of experience and cyber certifications may be considered in lieu of degree.