Job Summary:
This senior-level employee is primarily responsible for managing and directing the maintenance and protection of integrity and reliability of the security of data, systems, and networks.
Essential Responsibilities:
• Drives the execution of multiple work streams by identifying customer and operational needs; developing and updating new procedures and policies; gaining cross-functional support for objectives and priorities; translating business strategy into actionable business requirements; obtaining and distributing resources; setting standards and measuring progress; removing obstacles that impact performance; guiding performance and developing contingency plans accordingly; solving highly complex issues; and influencing the completion of project tasks by others.
• Practices self-leadership and promotes learning in others by soliciting and acting on performance feedback; building collaborative, cross-functional relationships; communicating information and providing advice to drive projects forward; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership; influencing, mentoring, and coaching team members; fostering open dialogue amongst team members; evaluating and responding to the strengths and weaknesses of self and unit members; and adapting to and learning from change, difficulties, and feedback.
• Leads team in the proactive monitoring and/or response to known or emerging threats against the KP network.
• Effectively communicates investigative findings to non-technical audiences.
• Provides consultation in regular operations meetings with Cyber Risk Defense Center (CRDC) teams.
• Drives closed loop processes on security efforts by providing feedback to the TDA leads and/or leadership.
• Demonstrates a consulting value by recommending adjustments to the collection strategy for deltas in scope, size, or emerging security threats.
Security Operations
• Drives information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation.
• Serves as a liaison between stage teams and upper management by identifying issues, improvement areas, or security/architectural gaps and suggesting appropriate improvements.
• Drives the development of the CRDC intellectual capital by leading process or procedure improvements, consulting on brown bag training sessions, and leading the development of new training documents.
• Builds partnerships with the CRDC Policy Engineers and Remediation teams to contain identified issues and determine the best approach for improving security posture.
• Facilitates follow-up remediation design and review efforts related to highly complex security events.
• Leads the investigation and triage of a wide variety of security events across cyber security domains.
• Serves as a subject matter expert in performing complex data analyses to support security event management processes, including root cause analysis.
• Coordinates the response and resolution of high-impact or critical cyber security incidents.
• Provides insight and influence in determining the strategic direction for the development and deployment of threat detection capabilities and/or incident response plans.
• Drives the development and implementation of incident detection and/or handling processes which may include containment, protection, and remediation activities.