DATASOFT TECHNOLOGIES
Information Technology Manager, Cyber Security Services
DATASOFT TECHNOLOGIES, Norfolk, Virginia, United States, 23500
Information Technology Manager, Cyber Security ServicesHampton, VALong Term Contract - 1 year, plus 4 option years (5 years total)Internal Job ID - HRTKThese positions are contingent upon contract award. This project is set to begin in March 2024 and the individual willbe expected to work onsite with some remote flexibility.
Overview:The Manager of Cyber Security Services (CSS) will be hands-on and responsible for management of informationsecurity and compliance related activities including the following:
Utilizing a risk-based approach to manage information security related aspects of operations.ssuring compliance with information security, privacy, and industry standards and regulations.Designing, establishing, and maintaining reasonable organizational cyber security and information privacy postures.Implementing the NIST Cybersecurity Framework within the organization to improve cyber resilience.In coordination with key stakeholders, this position communicates, prepares for, and responds to geopolitical,international and national cyber threats from an Agency perspective.
This role is responsible for ensuring systems are secure, are compliant as per established regulatory frameworks, andudited as per established cadence.
Essential Job Functions (Duties listed are not intended to be all inclusive nor to limit duties that might reasonably bessigned.)
Works with CIO/CTO to define, implement and maintain corporate information and operations technology security policies, procedures, and guidelines based on industry best practices that are compliant with federal and state regulations.Maintaining awareness of new cyber threats, vulnerabilities, and technologies to keep the organization secure.Conducting risk assessments to identify potential security threats and vulnerabilities.Monitoring network activity to identify signs of intrusion or compromise.Providing technical support for computer networks, including firewalls, operating systems and applications, patch management, and data security best practices.Manage security tool suite in including endpoint protection, vulnerability assessment, log aggregation and analysis.Training staff on information security best practices to ensure compliance with company policies.Conducting audits to ensure security protocols are being followed by staff.Providing training in information security best practices to employees.Working knowledge with industry standards such as HIPAA, ITIL, NIST, SANS, COBIT, OWASP, and ISO.Own the entire IT audit process for SOC & PCI reporting across the enterprise.Responsible for leading vulnerability audits, forensic investigations, and mitigation procedures.Responds immediately to security-related incidents, leads response team, and provides post-event analysis.Evaluate new cybersecurity threat and IT trends and develop effective security controls.Evaluate potential security breaches, coordinate response, and recommend corrective actions.Monitor compliance with security policies and procedures.Investigate security breaches and incidents.Coordinate incident response activities.Train and educate employees on security awareness.Manage security vendors and service providers.Take proactive role is procurement process from the cyber security perspective.Manage department budget, take part in annual capital expenditures planning exercises.Manage records created and received in compliance with the Records Management Policy and Procedures.Responsible for maintaining a general awareness of EMS.Responsible for handling all related job responsibilities in accordance with Environmental Policy, relevant EmergencyManagement System (EMS) Standard Operating Procedures, and Emergency Management Plan.Required Knowledge, Abilities and Skills essential to Job Functions:
Bachelor's degree in computer science, information technology, or related field.10+ years of experience in IT security, including 5+ years in a management or lead role.Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) Certification or similar certification.Experience with a diverse body of technical cyber tools and software.In-depth knowledge of cyber security principles and best practices.Experience developing and implementing security policies and procedures.Demonstrated Experience in Network Engineering.Project management experience.Certification in CompTIA Security+.bility to effectively present information and respond to questions from senior management, groups of managers, clients and internal and external customers.bility to handle multiple tasks simultaneously and meet multiple deadlines.Excellent written and verbal communication skills.Required Software Knowledge and Skills essential to Job Functions:Proficiency in using computer systems and the listed software applications associated with performance of assignedwork is essential. Basic problem-solving skills associated with software applications used is expected. Software usagerelevant to job duties will be evaluated.
Software Applications:
Strong background in Windows security management and security architecture.Background in application security analysis, design, and testing.Experience in network traffic flow monitoring and analysis tools.Experience in log aggregation and analysis tools.Experience with vulnerability assessment tools.Experience with endpoint protection tools.Experience with Internet of Things / Operational Technology security.Experience with a diverse suite of cyber and network tools.Experience with physical security access control systems and video surveillance systems.Safety Responsibility:Perform all job duties and responsibilities in a safe manner to protect one's self, fellow employees, and the publicfrom injury or harm. Promote safety awareness and follow safety procedures and policies. Take an active part inreporting unsafe conditions and any hazards within the workplace to their Supervisor, Manager and/or the SafetyDepartment.
Training And/or Education
BS or higher in Computer Science, Information Technology Systems or related field.Required Experience
5-10 years in Information Technology field, 2+ years in IT Security Lead role, Leadership/ Management experience preferred.
Overview:The Manager of Cyber Security Services (CSS) will be hands-on and responsible for management of informationsecurity and compliance related activities including the following:
Utilizing a risk-based approach to manage information security related aspects of operations.ssuring compliance with information security, privacy, and industry standards and regulations.Designing, establishing, and maintaining reasonable organizational cyber security and information privacy postures.Implementing the NIST Cybersecurity Framework within the organization to improve cyber resilience.In coordination with key stakeholders, this position communicates, prepares for, and responds to geopolitical,international and national cyber threats from an Agency perspective.
This role is responsible for ensuring systems are secure, are compliant as per established regulatory frameworks, andudited as per established cadence.
Essential Job Functions (Duties listed are not intended to be all inclusive nor to limit duties that might reasonably bessigned.)
Works with CIO/CTO to define, implement and maintain corporate information and operations technology security policies, procedures, and guidelines based on industry best practices that are compliant with federal and state regulations.Maintaining awareness of new cyber threats, vulnerabilities, and technologies to keep the organization secure.Conducting risk assessments to identify potential security threats and vulnerabilities.Monitoring network activity to identify signs of intrusion or compromise.Providing technical support for computer networks, including firewalls, operating systems and applications, patch management, and data security best practices.Manage security tool suite in including endpoint protection, vulnerability assessment, log aggregation and analysis.Training staff on information security best practices to ensure compliance with company policies.Conducting audits to ensure security protocols are being followed by staff.Providing training in information security best practices to employees.Working knowledge with industry standards such as HIPAA, ITIL, NIST, SANS, COBIT, OWASP, and ISO.Own the entire IT audit process for SOC & PCI reporting across the enterprise.Responsible for leading vulnerability audits, forensic investigations, and mitigation procedures.Responds immediately to security-related incidents, leads response team, and provides post-event analysis.Evaluate new cybersecurity threat and IT trends and develop effective security controls.Evaluate potential security breaches, coordinate response, and recommend corrective actions.Monitor compliance with security policies and procedures.Investigate security breaches and incidents.Coordinate incident response activities.Train and educate employees on security awareness.Manage security vendors and service providers.Take proactive role is procurement process from the cyber security perspective.Manage department budget, take part in annual capital expenditures planning exercises.Manage records created and received in compliance with the Records Management Policy and Procedures.Responsible for maintaining a general awareness of EMS.Responsible for handling all related job responsibilities in accordance with Environmental Policy, relevant EmergencyManagement System (EMS) Standard Operating Procedures, and Emergency Management Plan.Required Knowledge, Abilities and Skills essential to Job Functions:
Bachelor's degree in computer science, information technology, or related field.10+ years of experience in IT security, including 5+ years in a management or lead role.Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) Certification or similar certification.Experience with a diverse body of technical cyber tools and software.In-depth knowledge of cyber security principles and best practices.Experience developing and implementing security policies and procedures.Demonstrated Experience in Network Engineering.Project management experience.Certification in CompTIA Security+.bility to effectively present information and respond to questions from senior management, groups of managers, clients and internal and external customers.bility to handle multiple tasks simultaneously and meet multiple deadlines.Excellent written and verbal communication skills.Required Software Knowledge and Skills essential to Job Functions:Proficiency in using computer systems and the listed software applications associated with performance of assignedwork is essential. Basic problem-solving skills associated with software applications used is expected. Software usagerelevant to job duties will be evaluated.
Software Applications:
Strong background in Windows security management and security architecture.Background in application security analysis, design, and testing.Experience in network traffic flow monitoring and analysis tools.Experience in log aggregation and analysis tools.Experience with vulnerability assessment tools.Experience with endpoint protection tools.Experience with Internet of Things / Operational Technology security.Experience with a diverse suite of cyber and network tools.Experience with physical security access control systems and video surveillance systems.Safety Responsibility:Perform all job duties and responsibilities in a safe manner to protect one's self, fellow employees, and the publicfrom injury or harm. Promote safety awareness and follow safety procedures and policies. Take an active part inreporting unsafe conditions and any hazards within the workplace to their Supervisor, Manager and/or the SafetyDepartment.
Training And/or Education
BS or higher in Computer Science, Information Technology Systems or related field.Required Experience
5-10 years in Information Technology field, 2+ years in IT Security Lead role, Leadership/ Management experience preferred.