Cyber Security Manager

Program/Project Management Vicksburg, Mississippi Job ID: 2017-555


About the Team

STG, Inc. is a leading provider of mission-critical technology, cyber and data solutions to more than 50 US Federal Agencies. STG has been consistently listed amongst Washington Technology’s Top 100 Government Technology Contractors. We provide performance-oriented solutions in cyber security and secure information systems, software development, systems and services, and intelligence and analytics. We serve our customers at more than 250 locations at home and overseas.

About the Job

STG, Inc. is seeking a Cyber Security Manager to add to its team in support of the U.S. Army Corps of Engineers.  This position is located in Vicksburg, Mississippi.  The Cyber Security Manager is responsible for managing a team of Network Security/Information Assurance, Certification and Accreditation and CNDSP Engineers charged with incident handling, triage of events, network analysis and threat detection, trend analysis, metrics development, vulnerability information dissemination and the DoD CNDSP methodology as a Cyber Security team.  The Cyber Security Manager will function as the primary liaison for all enterprise security related functions between the program and the Cyber Security team, will provide the CIRT with situational awareness of all Cyber Security Information across the enterprise network, and also act as primary contact for Enterprise Engineering in coordination of all new projects needing security assessments and evaluations prior to transition to the production network.

The Cyber Security Manager is responsible to provide both the Director and Cyber Security team all required security assessments and audit feedback to include: recommendations to meet specific security compliance requirements and complete detailed reports of information systems security status.  The Cyber Security Manager will assist in the development of policy along with the Cyber Security team that will aid in securing information systems and protect data.  Additionally, the Cyber Security Manager may be involved in support and development of security awareness for employees by explaining security risks and demonstrating good safeguards both daily operations and for specific projects. 

Finally, the Cyber Security Manager will manage the teams completing all security audits of information systems and infrastructure equipment.  S/he must have knowledge of Army computer network defense with a strong understanding of the lifecycle of network threats, typical attack vectors, and network and system vulnerability exploitation.  The Cyber Security Manager will collaborate with the CIRT and the Engineering Design Directorate towards integrating security into the System Development Life Cycle of different development groups across the Computer Network Defense.

Key Responsibilities

  • Works with and assist the SOC and IA staff with general daily security activities such as (but not limited to):
    • Oversight of service requests ensuring teams are performing to standard
    • Supporting the CNDSP for forensics information and incident handling
    • Monitoring of overall security posture of the Enterprise, understanding how security event impacts
    • Oversight of incident response, ensuring responses are accurate and addressing the concern per standards
    • Overall security assessments, reporting requirements, making sure teams are meeting service level requirements (SLR) associated with information security on the enterprise
  • Supports the IA staff with policy and compliance doctrine, contribute to and maintain security standards documentation on the program that are aligned with program directives and goals.
  • Routinely reviews and suggest updates for security controls through recommendations of new policies, procedures and technical solutions designed to enhance overall enterprise security.
  • Prepares, schedules, and project manages annual SOC audits
  • Create and conduct independent internal audits on an ongoing basis to ensure compliance of company policies and procedures
  • Works directly with support departments to implement procedures and systems for the protection, conservation and accountability of proprietary data, including collaboration with training groups to ensure proper Security Awareness Training has been implemented on a mandatory annualized basis, including development and oversight of internal audits to ensure organizational compliance
  • Documents and reports incidents from initial detection through final resolution using standard DoD incident reporting channels and methods (refer to CJCSM 6510.01B “Cyber Incident Handling Program” dated 10 July 2012 or later). Briefs incident details as necessary to Senior leadership, up to and including the Director, and determine all means by which to resolve any incidents as quickly and effectively as possible.
  • Responsible for management oversight of testing of IA policies and security controls to level of risks associated with said policies and then is responsible for modifying and keeping those policies updated with the aid and support of the SOC and IA teams.
  • Coordinates with the Cyber Security Team on all security related items as required, including risk assessments as well as design and implementation of breach or high-risk resolution solutions.
  • Monitors open source feeds and reporting on the latest threats against computer network defenses. And, demonstrates clear capabilities of learning the interface, customization, language acceptance, and logic of new CND related tools as the program acquires them.
  • Key responsibility is to ensure all appropriate security safeguards, policies, procedures are designed and deployed to meet program standards.
  • Provides technical expertise regarding the defense of government information systems and networks.
  • Manages the monitoring of intrusion detection and security information management systems to discover and mitigate malicious activity on enterprise networks.
  • Ensures CNDSP staff follow computer incident handling procedures to isolate and investigate potential network information system compromises.
  • Oversees performance of malware and/or forensic analysis as part of the incident management process.
  • Supports the design and integration of custom rules and reports into proper security tools and data collection architectures.
  • Evaluates reports that identify risks to computer systems and make written and verbal remediation recommendations to senior program staff as well as leadership.
  • Ensures timely and appropriate team response to General Service Incidents: Service and infrastructure related incidents (loss of service, poor performance, and service anomalies) IAW contract and DoD standards.
  • Maintains response oversight for Electronic Spillage incidents where classified, Personal Identifiable Information (PII), Controlled Unclassified Information (CUI), or Networks of Interest (NOI) information is introduced on an IT system or network that it is not authorized to hold or process such data.
  • Ensures response to unauthorized disclosure: any incident where information, data, or files have been made available to a person or persons who do not have authorized access.
  • Responds to requirements associated with Information Operations Conditions (INFOCON) and higher HQ direction.
  • Supports Investigation activities associated with complex incidents requiring more in depth data collection for command or law enforcement issues.
  • Supports Security Incident Response to include: Perimeter Configuration Incidents, Security Events to address actual or potential CND events or identified threats; End user level intrusion or rouge systems; vulnerability identification and mitigation; and Mission Assurance Incidents impacting IT systems or networks.
  • Manages and work in close coordination with the Information Assurance team and SOC to appropriately resolve daily incidents.
  • Ensures new employees are oriented to the Security organization and responsibilities to the customer.
  • Periodically reviews training requirements for personnel and ensure they are maintaining DoD requirements for their positions.
  • Provides supervisory guidance to Cyber Security staff regarding all matters relating to Computer Network Defense and Information Assurance (to include: protocol changes/updates, training, certification enhancements, etc.), acts as lead in staffing and hiring determinations related to the Cyber team in relationship to meeting customer service expectations and conducts annual performance evaluations, conducts promotional as well as disciplinary activities as necessary to maintain a functionally successful team.

Minimum Qualifications

  • Bachelors degree from an accredited college or university in Business, Information Technology, Systems Engineering, or a related field.
  • 8+ years of IT Security and CND experience.
  • Experienced in IT Audit, IT Risk Management, and IT Compliance.
  • Advanced knowledge of enterprise and IT security risk management concepts.
  • Knowledge and experience with security tools such as ArcSight, Splunk, HBSS, Maltego, CyberArk, and FireEye.
  • Active Top Secret Clearance.
  • ITILv3
  • PMP

Preferred Qualifications

  • 15+ years of technical program related experience in a government contracting environment.
  • Masters degree from an accredited college or university in Business, Information Technology, Systems Engineering, or a related field.
  • CSIM
  • CISA
  • GECH

The employment policy of STG, Inc. is to provide equal employment opportunity for all qualified employees and applicants without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status and to ensure affirmative action is taken in fulfillment of this policy.