Prism, Inc.

Deputy IT Security Manager with Security Clearance

Prism, Inc., Tysons Corner, Virginia, United States


****Position Requires 8+ Years Experience****

* Hybrid- 4 days Onsite @ Falls Church, VA
* Active Secret Clearance
* Must Pass Background and Credit Check

Responsibilities:

* Policy and Standards: Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
* Team Leadership: Manage a large, geographically dispersed, multifaceted team comprised of various cybersecurity engineers; team roles include information assurance, security infrastructure engineers, and Security Operations Center (SOC) analysts.
* Incident Management: Direct and coordinate actions for incident response, data collection, digital forensics, cleanup, and reporting.
* Threat Intelligence: Assess threat reports and threat intelligence to inform operational and policy decisions.
* Project Management: Prioritize and manage projects in a fast-paced environment, ensuring timely completion of projects, on time and on schedule.
* Compliance Review: Read and interpret security hardening guides (e.g., STIGs, SRGs), SCAP results, and vulnerability assessment scan results and provide direction as necessary for audit, accreditation, project, and consulting activities.
* Vulnerability Management: Review vulnerability scans and approve associated mitigation strategies. Document strategies in Plans of Action and Milestones (POA&M) artifacts.
* Information System Security Officer (ISSO) Duties: Perform all required duties as the primary Information System Security Officer for a large-scale, joint-force enterprise network.
* Accreditation Management: Conduct and manage security authorization and accreditation activities under a Risk Management Framework (RMF) for multiple accreditation boundaries.
* Guidance and Leadership: Provide guidance and leadership to other team ISSOs and security professionals.
* Security Control Review: Lead authorization efforts and compliance reviews. Complete, test, and review RMF security controls as part of multiple security authorization packages (e.g., eMASS equivalents).
* Documentation: Develop artifacts to provide evidence, support, or policy guidance for compliance with each control as necessary.
* SOC Oversight: Conduct management and oversight of the enterprise SOC team and Incident Responders. Coordinate response efforts, incident management, and triage. Provide oversight of SOC activities, technologies, and strategic direction.
* Investigations: Coordinate with division leads and directors for investigations, insider threat, and security research.
* Strategic Analysis: Conduct analysis and provide recommendations on policy, design, and solutions for increasing the security of the enterprise.

Required Qualifications:

* Experience:
  * 3+ years in Information Assurance/Cybersecurity.
  * 3+ years in security engineering, operations management, and IT management.
  * 3+ years managing a team of 3 or more direct reports in an enterprise IT environment.
  * 8+ Years IT experience with a Master's degree, 10+ years with a Bachelor's, or 14+ years with a High School Diploma.
* Certification: Active Certified Information Systems Security Professional (CISSP) certification.
* Skills: Excellent interpersonal, interviewing, analytical, and problem-solving skills to address variable situations.
* Knowledge: General knowledge of federal/government industry security requirements, standards, and best practices.
* Communication: Strong written and verbal communication skills; ability to document processes and write comprehensive security recommendations.
* Professionalism: Professional attitude, able to communicate and interact with individuals at all levels across various information technology and business sectors.
* Organization: Strong organizational, project management, and customer service skills. Ability to act in the best interest of the client both within a team and self-directed.

Preferred Qualifications:

* Government Environment: 3+ years of experience in a government/military IT environment; experience reading and interpreting operational and tasking directives (e.g., TASKORDs and OPORDs equivalents).
* Security Compliance Experience: 3+ years of experience in a security officer position working with vulnerability scanning tools; patch management and compliance; security authorization tools (e.g., eMASS equivalent); performing authorization (A&A), Validator, or Security Control Assessor (SCA) responsibilities; developing POA&Ms and documentation; vulnerability mitigation.
* SOC/Monitoring Experience: 3+ years of experience working in a Security Operations Center (SOC) environment; conduct in-depth continuous monitoring; tuning of security devices and management of alerts; administration of Host-Based Security System (HBSS) tools; network defense and security event triage.
* Enclave Experience: ISSO/ISSM experience on a network security enclave.