Director, Chief Information Security Officer - Amarillo, Texas

The CISO will report to the Chief Information Officer (CIO) and is responsible for managing a broad range of complex cyber operations and risk management activities. This is a technical position and requires deep and current practical experience in the subject area. This position will be responsible for implementing the vision and strategic direction set by the Senior Director for Enterprise Strategy and Architecture and for providing risk information and mitigation strategies to the CIO.

Major Duties/Responsibilities:
--Serve as the primary cyber security lead for CNS
--Ensure risk-balanced security measures are integrated into IT projects and activities
--Maintain an understanding of current and emerging cyber threats at all times, and make recommendations for mitigation to the CIO
--Lead the development, ongoing improvement and maintenance of the CNS cyber security architecture
--Work in partnership with other IS&S managers in the development, implementation and operation of a Security Operations Center (SOC)
--Maintain timely and effective communication with stakeholders to resolve cyber security issues (to include development and maintenance of employee cyber security training)
--Plan, prioritize, and coordinate assignments of cyber staff to projects
--Propose and provide input into IS&S architecture efforts that can be implemented to enhance detection, analysis, containment and response
--Manage compliance activities to support the contractor assurance program (i.e., patching and mitigation actions to resolve vulnerability scans)
--Establish cyber metrics to gauge program effectiveness and perform internal audits and assessments
--Establish policies and procedures to ensure appropriate cyber controls and monitoring are in place to ensure the confidentiality, integrity, and availability of CNS and NNSA information
--Maintain security log infrastructure to monitor, analyze, and respond to log anomalies. Conduct packet capture analysis and ensure the logging infrastructure is monitored for risk to CNS and NNSA information
--Manage intrusion detection/prevention systems, maintain continuous monitoring systems, and provide timely network traffic analysis
--Support the CIO and other cyber security personnel to ensure implementation of the cyber security program remains in compliance with DOE/NNSA and NIST requirements
--Establish and maintain a strong external network of cyber contacts to ensure threat information and best practices are incorporated into the CNS cyber security program
--Work cooperatively with external parties such as DOE-CIRC, JC3, DHS, CI, intelligence organizations, and others as appropriate to help improve the CNS cyber program and security capabilities
--Standardize, document, maintain, and automate where possible cyber processes for monitoring, analysis, and response to cyber incidents
--Plan, prepare, and devise work plans that ensure cyber efforts are conducted within approved budget and schedule parameters while implementing IS&S project management processes
--Monitor performance, ensure performance standards remain high, and document that risk management goals are accomplished
--Maintain a strong understanding of mission needs and use cases so that risk management and cyber operations activities effectively support the CNS mission and program direction while managing risk in a balanced manner
--Lead communications efforts with the Nuclear Production Office (NPO) federal customer on matters pertaining to cyber security and incident response
--Responsible for hiring and developing competent cyber security subject matter experts and for retaining critical cyber security skills on staff
--Lead CNS responsibility for coordination of external cyber security audits and assessments
--Ensure all CNS systems have an approved Authority to Operate (ATO) from NPO

Specific Job Knowledge & Training Required:
Bachelor's degree coupled with a minimum of 10 years of relevant experience and progressive management responsibilities. An equivalent combination of education and experience will be considered. Five or more years of experience leading and/or managing enterprise cyber security teams and risk management initiatives. Specific experience in cyber operations and risk management including:
--Extensive experience with intrusion detection/prevention, log management and analysis, event monitoring and incident response
--Extensive experience with network security
--Extensive experience with vulnerability scanning and mitigation
--Experience with establishing and maturing enterprise risk management frameworks
--Experience leading self-assessments and supporting external audit activities
--Ability to work semi-autonomously, strong decision making, time management, and customer service skills
--Familiarity with current application models, data analytics, cloud services, and mobility
--Familiarity with SIEM tools, next generation firewalls, and behavioral analytics
--Strong written and oral communication skills
--Ability to be on-site, at Y-12 or Pantex, Monday - Friday during core business hours to support operational and management activities for cyber security. Job may require on-call support in the event of an operational or cyber security incident
--Ability to travel (expected to be no more than 10 weeks per year) to off-site locations to support DOE/NNSA mission requirements
--Specific knowledge of Federal cyber security and risk management requirements with an emphasis on NIST Special Publications (i.e., 800-53)

Preferred Qualifications:
--Advanced degree in information technology, engineering, or related field
--CISSP, CPT, CHFI, and/or CCNP certifications desired but not required
--Experience in project management with PMP certification desired but not required
--Experience in coordinating sophisticated incident response from attacks by APT actors
--Familiarity with DOE Cyber Security program and requirements
--Familiarity with the security development lifecycle for custom software
--Familiarity with supporting and enabling the DOE/NNSA mission
--Familiarity with business process re-engineering to include Six Sigma and/or Lean techniques
--Familiarity with implementing Governance, Risk, and Compliance (GRC) systems

Requires a Q clearance; however, all qualified candidates will be considered regardless of their current clearance status. (The ability to obtain and maintain a Department of Energy "Q" clearance is required.)

Source: http://www.juju.com/jad/xxxxxxxxvd104v?partnerid=af0exxxx314cbc501beebacaxxxx739d&exported=True&channel=staticfile&hosted_timestamp=xxxxa345f27ac5dce2c1dca0ddxxxx13d81ed92d413bxxxxb76cfexxxx381a74

State: Texas  City: Amarillo  Category: Technical

This ad is older than 2 months.