Requiredconsultant experience provided by Contractor, shall include:

•At least 6 years of experience using informationsecurity tools to identify vulnerabilities in custom application code,commercial software, system configurations, and networks such as vulnerabilityscanners, endpoint detection and response (EDR) platforms, security informationand event management (SIEM) solutions, firewalls, port scanners, interceptproxies, log parsers, IDS/IPS solutions etc.

•At least 8 years of combined IT, network, and securitywork experience with a broad range of exposure such as systems analysis,digital forensics, networking, web filters, web application vulnerabilityassessments, application development, database design, and/or systemadministration.

•Experience in working with third parties tocoordinate, monitor, respond to and coordinate cybersecurity threats,incidents, mitigations, and response cycles.

•Experience creating, modifying, and analyzing scriptssuch as PowerShell and Python.

•Experience creating policy, procedure, and workingdocuments at a high level of proficiency.

•Ability to communicate technical information to broadaudiences verbally and in writing.

•Ability to establish and maintain effective workingrelationships with cross functional teams.

•Experience working independently and as a project teammember in security administration.

•Ability to contribute to the capability developmentand team rapport of the Department’s Security Operations Center.

•Experience working in a NIST Cybersecurity Frameworkaligned security program.

Preferred Experience:

•Hold active information security certifications suchas: CEH, CISSP, CISA, CISM, CCNP, CCIE Security, GCIA etc.

•Experience in IT security related to applicationdevelopment and code reviews.

•Experience as a project team leader in securityadministration.

•Experience creating automated processes.

•Experience leveraging artificial intelligence inattack detection, analysis, and response processes.

•Knowledge of the MITRE ATT&CK framework.