· Perform Scrum Master duties and Management / Oversight of a team of Security Operations

Specialists

· Produce high quality contractual and customer-required deliverables on time with minimal

errors

· Monitoring security systems and responding to alarms and incidents in a timely SLA-based

manner. This may include End of Life and exploits reporting, FISMA reporting, generating

reports of analysis and discrepancies from background processes, log files, bath systems,

scheduled production reports and/or workflow logs

· Analyzing assorted tool output in order to support implementation of Operations Security, concerning vulnerabilities, POA&M progress, and other activities

· Assisting in communicating on operational status, establishing communication plans, and providing written and oral communication across technical, executive, leadership, and customer audiences

· Providing support of Operations Security and Remediation Team's role – providing technical advice and NIST based information on assurance governance guidance;

· Providing technical support for annual Authorization & Accreditation (A&A) security assessments

· Analyzing vulnerability and compliance scans for false positive identification and evaluate in terms of operations system data

· Track and establish root cause of vulnerabilities that are not resolved in a timely manner · Review/Update/Create system security configuration baselines

· Support incident response activities, tracking, identifying host owners, and coordinating information with other internal teams

· Help define and prioritize actionable timely recommendations for addressing compliance and vulnerability issues for network, operating systems, middleware, databases and applications

Required Skills and Education:

· Education: BS in Computer Science, Information Systems, Engineering, or other related scientific or technical discipline

· 10+ years experience relevant to Security Operations

· ScrumMaster Certification · Strong experience with Agile Practices

· Excellent written and verbal communication skills

· Experience with Reporting – End of Life, EOL< and exploits (exploit reporting requires technical background to manage data, understand scanning system and output, etc)

· Experience with impact assessments · Familiarity and experience with FISMA systems and NIST controls and support on how to implement them; familiarity with all the NIST A&A documents and how to use them

· Familiarity with networking, operating system, and middleware builds (configuration baselines)

· Familiarity with CLOUD and FISMA processes (i.e. customer control matrices, security tools and options)

· Familiarity with DHS Binding Operational Directives

Preferred Skills:

· USPTO experience preferred

· ITIL-related certifications, project management certifications are a plus

· Regex for understanding / editing scan signatures

· Scripting for Linux

· Tenable, DBProtect, HP WebInspect

· CSAM, the official cybersecurity repository

· Network operations and security (Juniper, Cisco, F5, etc)

· IPv6

· Certificates / PKI Implementation

· Web security secure architecture

· Database security: Oracle, MySQL, Microsoft SQL Server, NoSQL DB's

· Windows Operating System security