At least 5 to 8+ years’ experience in cybersecurity Architect, including compliance and risk management with a background in system and network security engineering.
BS/BA undergraduate degree.
Determining and implementing cybersecurity and privacy principles to organizational requirements.
Experience developing incident response process and procedures with internal and external stakeholders.
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
Knowledge of processes for seizing and preserving digital evidence.
Knowledge of system and application security threats and vulnerabilities.
Strong background in documenting and assessing NIST 800-53 and CJIS controls.
DESIRABLE SKILLS/EXPERIENCE:
Assessing and providing strategic direction for resolution of mission-critical problems, policies, and procedures.
Experience building defensible security architectures for operational technology with a focus in cloud security best practices
Experience developing disaster recovery and continuity of operations policies, plans, and procedures.
Experience with defining, establishing and directing techniques for detecting host and network-based intrusions using intrusion detection technologies
Knowledge of anti-forensics tactics, techniques, and procedures.
Knowledge of applicable laws, statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code)
Knowledge of DDoS appliances such as NetScout Arbor, Fortinet FortiGate.
Knowledge of Insider Threat investigations, reporting, investigative tools and laws/regulations
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of legal governance related to admissibility (e.g. Rules of Evidence).
Knowledge of malware analysis tools (e.g., Oily Debug, Ida Pro).
Knowledge of malware with virtual machine detection.
Knowledge of NIST’s Cybersecurity Framework (CSF) with a focus on response and recover control families.
Knowledge of types of digital forensics data and how to recognize them.
Overseeing and interfacing directly with agency and interagency leaders during cyber incidents.
Strong understanding of vulnerability scanning solutions, and the ability to clearly document the associated risks and remediation timelines.
Valid CISSP Certification
Writing business/process documentation, developing models and graphics, and making oral presentations to senior officials