Title: DIR., SECURITY ENGINEERING Location: United States-Virginia-Virginia Beach Job Number: 240004AM Job Summary: Director of IT Security Engineering will spearhead the organization s efforts to safeguard its digital assets and infrastructure with a strong focus on perimeter technologies cloud security and Zero Trust methodologies. Oversee the organization s entire network security framework from evaluation to implementation and support. Responsible for the strategic planning design and management of IT security systems including hardware software and services. Utilize advanced expertise in network security technologies to guide the team in safeguarding the enterprise s digital assets. Conduct comprehensive reviews and continuous monitoring to ensure robust security across all IT operations. Ensure that access to critical systems and data is seamlessly managed and secure against unauthorized use. Duties and Responsibilities: - Incumbent of this position must be U.S. Citizen and be able to obtain and maintain a DoD security clearance at the TS/SCI level. - Studies vendor products to determine those that best meet organizational needs. Performs cost-analysis of proposed implementations. Presents information to management, which may result in purchase of hardware, software and cloud services to support the networking enterprise environment from an IT infrastructure security perspective. - Responsible for research and development of new technologies used to secure NEXCOM\'s local and wide area network, workstation and servers. Responsible for security design and testing new products to determine the most advantageous means of implementing and integrating the equipment with current IT infrastructure. - Develop and implement cloud security strategies to protect cloud-based systems and data across various platforms (e.g., SaaS, PaaS, IaaS), ensuring compliance with applicable standards and regulations. - Oversee the security posture of cloud services, including configuration management, access controls, and threat modeling. - Manage, monitor, and identify risk for all NEXCOM Internet, Intranet, and Extranet and Cloud activities. Identify security exposures that may currently exist or may pose a potential future threat to the NEXCOM enterprise. Propose solutions. - Directs and mentors team and staff members regarding enterprise IT infrastructure security. - Participates in a 24-hour/7day on-call rotation for IT infrastructure security. - Complies with DoD, DoN, NAVSUP, PCI, NEXCOM and industry best security practices, standards, and policy directives. - Establish, configure and maintain both the internal/trusted network and service network security standards and polices. Establish appropriate firewall and proxy server policies, both inbound and outbound for on-premise and cloud environments. - Serves as the key point of contact for IT network security related projects which are identified by the command. - Directs team to configure, maintain, and manage all IT security-related devices including Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Firewalls, Proxy Servers, SFTP servers, etc. - Provides monitoring and analysis on the output of security devices, including logs, application output, etc. and providing reporting to all levels within the command on risk identification and assessment. - Lead the security architecture review of current and future IT projects and systems. - Coordinate and partner with Director of compliance to provide holistic end-to-end security solutions for the organization. - Manage the evaluation, selection, and deployment of security technologies and tools. - Manages penetration testing activities for all NEXCOM on premise and cloud solutions. - Acts as a key member of the Incident Response Team, identifying the threat, and taking the proper steps to correct the problem. - Stays current on security threats, mitigation, and technology, and provides recommendations to all levels of the Information Systems department. Performs other duties as assigned. The incumbent of this position must file a Financial Disclosure Report (OGE) Form 450, as required. Qualifications: Requires a total of 10 of experience in any combination as indicated below: General Experience: Three years of progressively responsible experience in technical, administrative, or investigative work related to IT security or other responsible work that demonstrated the ability to analyze systems, apply sound judgment in security-focused problem-solving, and effectively communicate complex concepts to both technical and non-technical audiences. OR Substitution of Education for General Experience: One year of academic study beyond high school may substitute for 9 months of general experience, up to a maximum of a 4 year bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field. And Specialized Experience: At least seven years of progressively responsible experience in IT security engineering, with expertise in two or more of the following: design, implementation, and management of IT security systems; Cloud security and Zero Trust methodologies; management of perimeter security technologies (firewalls, IDS/IPS); and security posture management, penetration testing, and incident response. And experience leading technical teams in securing large-scale enterprise environments. Security Clearance required: Must be eligible for and able to obtain a Top Secret/Sensitive Compartmented Information (TS/SCI) clearance within six months of appointment. Failure to obtain this clearance will result in termination. Job: Infrastructure
