The role holder will be responsible for leading customers on analysis of cybersecurity requirements and resulting presales/solution architecture for those customers. This is a lead presales architecture and consultancy role.
Serve as a trusted information security advisor to our commercial and government clients.
Help our customers to implement and enforce Cybersecurity Maturity Model Certification (CMMC) using existing and future NIST and DFARS requirements.
Commercially minded - an intelligent, articulate, consensus building, and persuasive team player who can serve as an effective member of a dynamic pursuit team.
Experience with business system risk management as it relates to information security.
Develop various policy documents (SOPs/CONOPs) as required. This may include policies regarding Configuration Management, IS Sanitization, Media Security, Password Policy, Business Continuity, Continuity of Operations, Incident Response, Disaster Recover, and Security Assessments.
Continually develop and strengthen our cybersecurity service offerings.
Develop new, and mature existing information security and risk policies.
Manage the security oversight and assessment of information systems assets and the protection of systems from intentional or inadvertent access or destruction.
Initiate, and lead on-going information security maturity assessment processes and training, using industry accepted frameworks and implement into the overall cyber security posture.
Provide guidance, recommendations and oversight for the identification, triage and response of events or incidents of apparent security incidents for diagnosis of possible breaches.
Produce and review key performance indicators for implemented security measures and distribute KPIs.
Maintain knowledge of threat landscape by monitoring threat intelligence, and other related sources.
Provide supervision to the information security staff, including coaching, mentoring, training, career development, and performance assessment.
Requirements:
Must have degree or diploma in Computer Science, Engineering, Information Systems or related, with a focus or major in IT Security being highly desirable or related professional training or work experience.
Must have at least 5 years of strong hands-on experience in IT Security with at least 2 years in technical solutioning and presales.
Must have experience working in a customer-facing role and comfortable presenting to a small to medium audiences on both technical and business-related topics.
Must have working experience in or familiarity with a MSSP or familiar with the operation of a Security Operation Center (SOC).
Must have working technical knowledge of security technologies (across multiple domains such as Firewall, Network IPS, SIEM, DLP, Cloud Security, AV, VPN etc.), information security concepts and familiar with security products (such as Checkpoint, Palo Alto, Cisco, Fortinet, Barracuda, Proofpoint, Splunk, McAfee, Symantec, Carbon Black etc.) and the security market place overall.
Broad experience and understanding of industry standards, framework and best practices such as ISO27001, PCI DSS, NIST, CMMC, etc. is highly desirable.
Broad experience and understanding of security trends, threat landscape and frameworks.
Experience in preparing technical architecture blueprints.
High degree of familiarity or experience with Cybercrime and IT fraud (Ransomware, Spoofing, Forged Email, Phishing sites) is a plus.
CISSP or other security certification/accreditation or equivalent such as CISP, CEH and associated cybersecurity vendor technology qualifications.
Expertise in bid response (managed cybersecurity service outsource deals, defining service elements, building cost models, providing content).
