o Basic Qualifications:
· BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence analysis, Cyber Security or another related field of study
· Overall 10+ year of professional experience with 7+ years in Cyber Security
· Experience in and knowledge of the NIST Cyber Security Framework (CSF)
· Experience in and knowledge of industry standards (e.g. ISO 27001, NIST 800-53, CobiT, ITIL).
· Advanced skills and established experience in IT security and risk management (understanding risk assessment, legal and regulatory requirements, threats, vulnerabilities, security policies etc.).
· Deep understanding of infrastructure components, including infrastructure security components (e.g. Network security, Firewalls, IDS, IPS etc.).
· Deep understanding of security architecture standard methodologies.
· Ability to work independently on initiatives with little oversight. Motivated and willing to learn.
· Strong analytical skills/problem solving/conceptual thinking.
· Effective communication skills
· Awareness of Cloud Security Solutions
· Must have Project Management, Share point and Presentation skills.
· Proficient with putting together business cases, presentations, reporting, documentation and metrics.
· Experience in leading or coordinating activities across a diverse group of professionals with visibility to senior management.
· Excellent organizational, planning, problem solving and decision making skills including experience with project management methodologies.
· Strong interpersonal skills, including verbal, written, and listening skills with the ability to influence and lead others.
o Desired skills:
· Conceptual understanding of the Cyber Kill Chain, Intelligence Driven Defense and/or Diamond modeling of cyber threat activity
· Experience working with and managing service providers
· Enterprise incident handling experience
· Forensic analysis and investigations experience
· Experience with the following technologies:
- Windows, Mac, Linux, AIX
- Palo Alto Firewalls
- Microsoft Office 365 SPE Security Suite
- Crowdstrike Falcon or similar EDR
- Nexpose and Metasploit
· CISSP, CISA, CISM or equivalent certification a plus.