Vice President of Enterprise Security Services (21-320)

Company: IBSS Corp.
Location: Silver Spring
Posted on: May 8, 2022

Job Description:

Job Title: Vice President of Enterprise Security ServicesLocation: Silver Spring, MDClearance Required: N/A Description:As the Vice President of Enterprise Security Services, you will be responsible for the vision and delivery of solutions that enable security at scale across Federal and Commercial clients. You'll guide the strategy and delivery of security infrastructure services, create architectural patterns and technical guidance, and evangelize and build consensus around security solutions that make security possible for a diverse and complex ecosystem. Bring a deep understanding of how to defend against real-world threats and help build capabilities to stop them. You will be responsible for coaching and mentoring the senior staff to achieve their Individual Development Plan's objectives. Key Responsibilities:Develop and execute on tactical and strategic goals driving a comprehensive information security program to include SOC-as-a-Service (SOCaaS).Responsible for understanding, researching, designing, and developing security solutions, technical and reference architectures, and supporting security strategies tailored to Federal and Commercial client's business needs.Collaborate with cybersecurity directors on all engineering activities to design and implement cybersecurity solutions for the Security Operation Center services, including developing and maintaining tools, technology, and processes.Drive adoption and optimization of cyber toolsets for a streamlined user experience and implement appropriate controls while identifying opportunities for automation across the stack.Search for and analyze security technology to reduce risks in every information security segment. Research and suggest measures to improve IT-related procedures, operations, processes, and systems specific to information security concerns throughout the organization.Develop functional requirements for roles involved in planning, designing, and implementing security systems and software, including but not limited to SIEM tools, DLP, IDS/IPS, NGAV, Vulnerability Scanning, advanced behavioral analytics, and advanced malware protection tools, security and scanning tools.Responsible for leading aligning and translating business requirements into secure solutions, designs, and reference architectures for applications and products that can be leveraged by all stakeholders.Drive strategy for security tools and oversee the effectiveness of the technology and process. Involve appropriate tuning, correlation of critical logs, connection to incident response process, and reporting of relevant metrics.Lead on complex enterprise-wide security solutions and engagements to help engineers see the big picture and incorporate enterprise technology direction into security roadmaps.Provide guidance to develop, maintain, and promote security operations playbooks with internal IT teams and external working groups to effectively trigger and execute the security incident response process.Mentor and provide developmental opportunities and job assignments to enhance employee performance and expand the capabilities of first-level managers and directors. Provides ongoing developmental feedback. Promote employee recognition and build a departmental culture that improves employee satisfaction and retains a skilled and motivated workforce.Support and contribute to the federal and commercial RFX initiatives by working with proposal and business development teams. Required Skills /Education/ Certifications & Qualifications:Bachelor's degree in Information Security, Computer Science, Engineering, Math, Statistics or related disciplineMinimum of 10 years of industry experience with a proven track record of delivery in the Information Security domainMinimum of 5 years of experience managing the building and deployment of information security solutions at scaleAt least 1 professional security management certification: e.g. CISSP preferred; CCSP, CISA, CEH, OSCP , Azure Solutions Architect Certification is optional.Advanced knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a large and complex enterprise for on-premise and cloud infrastructures.Experience with successfully standing up one or enterprise SOCs, staffing the SOC, developing appropriate SOC processes and procedures, and selecting technologies necessary to accomplish business requirements.Demonstrated mastery of the life cycle of cybersecurity threats, attacks, attack vectors, and exploitation methods with an understanding of intrusion set tactics, techniques, and procedures (TTPs).Knowledge and understanding of emerging network, operating system, database and web application security threats and vulnerabilities.Expert understanding of cybersecurity principles such as encryption ports, protocols & services, policies, procedures, physical security, risk management, configuration management, ethics, access control, security architecture, continuity of operations, contingency planning, application security, network security, DDoS, DLP, IDS/IPS, NGAV, Vulnerability Scanning, Web Proxy and etc.Experience in penetration testing, threat intelligence, and detection of incidents/network monitoring.Experience with performing cybersecurity risk assessments and implementing risk management techniques. Strong communication skills with a proven ability to understand key concepts and communicate with technical staff, lines of business, and senior management.Advanced understanding of the information security threat landscape and how to identify new threats. Should be up to date on current attacker tools, techniques, and procedures.Extensive leadership experience creating, building, and maintaining. high-performing teams, particularly in a cybersecurity environmentAbility to effectively coordinate between technical teams and business stakeholders. Desired Skills:Experience working with SIEM/SOAR/EDR technologies.Familiarity with technologies that support zero trust strategies. Experience managing security operations teams that develop alerting capabilities to respond to escalations and triage incidents, especially such as overseeing a Global Security Operation Center (SOC) for a large, hosted B2B solution.Demonstrated understanding of recognized security industry standards and leading practices such as the NIST Cybersecurity Framework, International Standards Organization (ISO) 27001, IT Infrastructure Library and NIST, Capability Maturity Model Integration.Ability to effectively coordinate between technical teams and business stakeholders.Experience establishing a strategy for and implementing cloud enterprise solutions in AWS and/or Azure. About IBSS Corp.IBSS is a Woman-Owned business. Since 1992, IBSS has provided specialized professional, scientific, technical, cybersecurity, IT, and software engineering solutions to the Federal sector. Our clients include the National Oceanic and Atmospheric Administration (NOAA), the Department of Defense (DoD), and the Department of Justice (DOJ). We are committed to serving our clients and employees by delivering service excellence, creating value through technology, and continually improving our skills, services, and processes. Moreover, we maintain an ISO 9001:2015 certification which allows us to optimize current industry best practices to enhance delivery outcomes for our clients.IBSS offers a competitive benefits package including medical, dental, vision and prescription drug coverage with company-paid deductible, paid time off, federal holidays, matching 401K plan, tuition/professional development reimbursement, and Flex-Spending (FSA)/Dependent Care Account (DCA) options.IBSS is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by applicable law.

Keywords: IBSS Corp., Silver Spring , Vice President of Enterprise Security Services (21-320), Executive , Silver Spring, Maryland