Overview/ Job Responsibilities
Want to work for a fun, fast-paced company that wants to make a difference in this crazy world?
Oversee a team of approximately 50 FTE responsible for providing cybersecurity operations and engineering support services to a government customer with a significant mission for security and public safety. The project involves 1) day-to-day SOC support as well as incident response management, 2) infrastructure, architecture, and engineering support including but not limited to SOC Engineering Support Services, SIEM Infrastructure and Maturation, Security Patch Management, Malware Management, Security Assessments and Audits, CM, Vulnerability Scanning, Asset Management, CDM, and DR; Program Management; and Transition Services.
The Program Manager plays the leading role on the project and is responsible for the following action items:
- Research and identify adoption of higher protocol (Layer 5-7) security techniques to include Protocol security, OWASP top ten, and API protections
- Perform evaluation of DNS over HTTPS and TLS
- Review, Design, and implement firewall changes on multiple vendor firewall landscape.
- Design and automation of security scanning as part of daily integration activities to continuously assess code and remediate vulnerabilities early in the development lifecycle
- Define and plan processes for implementing application security initiatives compliant with customer set security requirements and certifications
- Research, identify, design, and implement solutions as well as perform application security vulnerability assessments and scans to identify, evaluate and mitigate security risks, threats, and vulnerabilities in Kubernetes clusters in AWS cloud and on-prem environments
- Document and communicate all security related configuration and guidelines for the portfolio application teams
- Actively involved at all phases of the development lifecycle to promote code reuse which uses inherited preapproved Risk Management Framework (RMF) controls to achieve faster ATO
- Responsible for confirming security-relevant design changes and raise “out Patterns” to CBP ISSM’s and ISSOs for early assessment
- Design integrate custom code to generate security-relevant events for the CBP Security Operations Center (SOC), enhancing operational monitoring
- Perform evaluation and onboarding CBP approved security tools ex SAST, vulnerability and open-source scanning into the Security DevOps life cycle
- Define best practices in security hardening, patching, granular role-based access, system administration, and configuration
Minimum Qualifications
- Bachelor’s or Master’s Degree in Information Technology or related disciplines; or have equivalent and direct experience performing program management of a Government Security Operations Center.
- At least 12 years of experience within the IA/Cyber Security industry, four of which must include performing Program Management duties in support of a multi-million-dollar IA/Cyber Security focused program:
- Must possess a functional understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems, VPN technologies and encryptions standards
- Must have experience working with regulatory directives and policies that dictate required information technology systems, software, and hardware specifications and security controls such as NIST 800 series publications, FIPS requirements, and FISMA and DIACAP accreditation requirements
- Must have demonstrated problem-solving and analytical skills and ability to effectively interact with customers and team members
- Must have the ability to provide direction, management, and oversight of all contracting staff and support personnel
- Must have extensive experience with planning, managing, overseeing and allocating program resources and budgets
- Must have experience with government contract execution and management and its associated communications and liaison activities between vendor contracting offices and government contracting officers
- Must have experience with developing and maintaining full scale project plans and schedules to include the Program Master schedule
- Must have experience in planning and development of strategic goals to provide organizational direction to the program
- Must possess strong verbal and written communications skills
- Must have the ability to generate and provide reports detailing program status and initiatives for the information and consumption of government stakeholders and executive leadership
Eligibility/Clearance Requirements: Top Secret clearance
Certification Requirement: PMP certification is required
Desired Qualifications
- Experience successfully managing IT infrastructure and or cyber security contracts for the Department of Homeland Security (DHS).
- CISSP or CISM is strongly desired
About Sev1Tech LLC
Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies. Enable better government. Protect our nation. Build better humans across the country.
Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression. Please apply directly through the website at: https://www.sev1tech.com/careers/ #joinSev1tech
For any additional questions or to submit any referrals, please contact:david.clement@sev1tech.com
Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.