Yesterday
Public Trust
Senior Level Career (10+ yrs experience)
IT - Security
DirectViz Solutions, (DVS) is a rapidly growing government contractor that provides strategic services that meet mission IT needs for government customers. DVS provides innovative information technology solutions to government clients through the knowledge and expertise of our dedicated employees. DVS is an employee-centric employer that provides competitive compensation, comprehensive medical plans, 401k match, PTO accrual, professional development reimbursement, corporate-funded technology certifications, and employee recognition and appreciation programs.
At DVS, we recognize that our employees are our number one resource. If you are a problem-solving people-person, apply today!
Location: Remote
Position Overview: We are seeking a highly skilled Lead Incident Responder to manage and maintain critical security documentation and ensure compliance with government standards for various systems. The ideal candidate will have extensive experience in risk management, incident response, and vulnerability assessment within a government contract setting. This role involves creating, updating, and overseeing security documentation, policies, and processes for about 63 systems, conducting annual Security Control Assessments (SCAs), and managing the Department of Labor's Computer Security Incident Response Capability (CSIRC).
Key Responsibilities:
• Security Documentation Management: Develop, maintain, and update critical security documentation, including privacy assessments and system security plans, ensuring full compliance with government standards.
• Security Policy Oversight: Manage security policies and procedures, conduct risk assessments, and ensure training compliance for all Information System Security Officers (ISSOs).
• Annual Security Control Assessments (SCAs): Oversee and conduct annual SCAs for approximately 63 systems, testing one-third of the security controls each year, and addressing any identified issues.
• Incident Response Leadership: Lead the CSIRC on a 24/7 basis, training analysts in incident response, handling incidents involving Personally Identifiable Information (PII), and coordinating remediation efforts.
• Cyber Threat Monitoring: Develop and maintain a Cyberthreat Dashboard for reporting activities and insights. Monitor the network for unauthorized activities and ensure financial systems' security for the Office of the Chief Financial Officer (OCFO).
• Security Operations Center (SOC) Tools Management: Set up and optimize security tools for the Enterprise Security Operations Center (ESOC).
• Vulnerability Management Program: Oversee the Vulnerability Management Program, addressing security weaknesses across the enterprise.
• Application and Database Support: Provide support for various applications and databases, ensuring compliance with security, accounting standards, and accessibility requirements.
Qualifications:
• Education: Bachelor’s Degree in Computer Science, Information Management (IM), Information Technology, Engineering, or related field. Equivalent experience may be considered.
• Minimum of 6 years of relevant technical experience or 4 years in IT solutions at a senior management level (preferred).
• At least 10 years of experience in an IT or technology-related field, with 5 of those years within the last 10 years on large government technical contracts.
Certifications:
o Certified Information Systems Security Professional (CISSP) (required).
o Additional certifications (highly recommended): Certified Incident Handler, Certified Intrusion Analyst, Certified Ethical Hacker (or similar).
o Project Management Professional (PMP) from PMI (highly recommended).
o Information Technology Infrastructure Library (ITIL) 4 Foundation (desired).
• Demonstrated experience in cyber incident response, threat monitoring, and vulnerability management.
• Proficiency in creating and managing security documentation for compliance.
• Strong project management and risk assessment skills.
• Experience with Security Operations Center (SOC) tools and incident response processes.
Physical and Mental Qualifications:
• Be able to maintain awareness during scheduled working hours.
• Prolonged periods sitting or standing at desk and working on a computer (mouse and keyboard)
• Able to lift up to 15 pounds.
• Excellent verbal and written communication; good command of the English language
• Execute tasks independently and work as a team.
• Learns and memories routine tasks.
• Strong organizational, grammar, business correspondence, and self-management skills
• Candidates must be able to perform the essential functions of the position satisfactorily. If requested, reasonable accommodation will be provided for employees with disabilities.
• DVS retains the right to change or assign other duties to this position.
DirectViz Solutions, LLC (DVS) is an equal opportunity employer and prohibits discrimination and harassment against any employee or applicant for employment because of race, color, sex (including pregnancy), age, gender identity, creed, religion, national origin, sexual orientation, marital status, genetic information, disability, political affiliation, protected veteran status, or any other status protected by federal, state or local law.
DVS has a zero-tolerance policy for harassment, threats, coercion, discrimination, and intimidation. Employees may file a complaint or exercise any right protected by Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, as amended, Section 4212 of the Vietnam Era Veterans Readjustment Assistance Act of 1974, or the Veterans Employment Opportunities Act of 1998.
At DVS, we recognize that our employees are our number one resource. If you are a problem-solving people-person, apply today!
Location: Remote
Position Overview: We are seeking a highly skilled Lead Incident Responder to manage and maintain critical security documentation and ensure compliance with government standards for various systems. The ideal candidate will have extensive experience in risk management, incident response, and vulnerability assessment within a government contract setting. This role involves creating, updating, and overseeing security documentation, policies, and processes for about 63 systems, conducting annual Security Control Assessments (SCAs), and managing the Department of Labor's Computer Security Incident Response Capability (CSIRC).
Key Responsibilities:
• Security Documentation Management: Develop, maintain, and update critical security documentation, including privacy assessments and system security plans, ensuring full compliance with government standards.
• Security Policy Oversight: Manage security policies and procedures, conduct risk assessments, and ensure training compliance for all Information System Security Officers (ISSOs).
• Annual Security Control Assessments (SCAs): Oversee and conduct annual SCAs for approximately 63 systems, testing one-third of the security controls each year, and addressing any identified issues.
• Incident Response Leadership: Lead the CSIRC on a 24/7 basis, training analysts in incident response, handling incidents involving Personally Identifiable Information (PII), and coordinating remediation efforts.
• Cyber Threat Monitoring: Develop and maintain a Cyberthreat Dashboard for reporting activities and insights. Monitor the network for unauthorized activities and ensure financial systems' security for the Office of the Chief Financial Officer (OCFO).
• Security Operations Center (SOC) Tools Management: Set up and optimize security tools for the Enterprise Security Operations Center (ESOC).
• Vulnerability Management Program: Oversee the Vulnerability Management Program, addressing security weaknesses across the enterprise.
• Application and Database Support: Provide support for various applications and databases, ensuring compliance with security, accounting standards, and accessibility requirements.
Qualifications:
• Education: Bachelor’s Degree in Computer Science, Information Management (IM), Information Technology, Engineering, or related field. Equivalent experience may be considered.
• Minimum of 6 years of relevant technical experience or 4 years in IT solutions at a senior management level (preferred).
• At least 10 years of experience in an IT or technology-related field, with 5 of those years within the last 10 years on large government technical contracts.
Certifications:
o Certified Information Systems Security Professional (CISSP) (required).
o Additional certifications (highly recommended): Certified Incident Handler, Certified Intrusion Analyst, Certified Ethical Hacker (or similar).
o Project Management Professional (PMP) from PMI (highly recommended).
o Information Technology Infrastructure Library (ITIL) 4 Foundation (desired).
• Demonstrated experience in cyber incident response, threat monitoring, and vulnerability management.
• Proficiency in creating and managing security documentation for compliance.
• Strong project management and risk assessment skills.
• Experience with Security Operations Center (SOC) tools and incident response processes.
Physical and Mental Qualifications:
• Be able to maintain awareness during scheduled working hours.
• Prolonged periods sitting or standing at desk and working on a computer (mouse and keyboard)
• Able to lift up to 15 pounds.
• Excellent verbal and written communication; good command of the English language
• Execute tasks independently and work as a team.
• Learns and memories routine tasks.
• Strong organizational, grammar, business correspondence, and self-management skills
• Candidates must be able to perform the essential functions of the position satisfactorily. If requested, reasonable accommodation will be provided for employees with disabilities.
• DVS retains the right to change or assign other duties to this position.
DirectViz Solutions, LLC (DVS) is an equal opportunity employer and prohibits discrimination and harassment against any employee or applicant for employment because of race, color, sex (including pregnancy), age, gender identity, creed, religion, national origin, sexual orientation, marital status, genetic information, disability, political affiliation, protected veteran status, or any other status protected by federal, state or local law.
DVS has a zero-tolerance policy for harassment, threats, coercion, discrimination, and intimidation. Employees may file a complaint or exercise any right protected by Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, as amended, Section 4212 of the Vietnam Era Veterans Readjustment Assistance Act of 1974, or the Veterans Employment Opportunities Act of 1998.
group id: 90816300
