Cybersecurity Specialist

Required qualifications:

• Demonstrated experience with multiple items listed in the strengths & capabilities section of the Job Summary
• Ideal candidate will be self-motivated, demonstrate adherence to in-place corporate protocol and policies, and work within established parameters while constantly striving to increase efficiency, enforce standardization and improve overall security posture
• Must be able to communicate effectively (verbally, in writing, in person/in remote meetings, etc.) with all levels of management & IT staff
• Security Industry Training (SANS, Offensive Sec, DOJ, etc.)
• Product/platform-specific vendor training (Tenable, Qualys, Rapid7, Cisco, etc.)
• Bachelors Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering
• Experience supporting the development and update of healthcare industry compliance/audit operations & documentation
• Must have advanced trouble shooting skills and possess the ability to identify the severity of an issue, ability to resolve issues quickly to customer satisfaction and prepare RCA or postmortem reports to stakeholders & management upon request
• Expert knowledge/understanding of Threat Analysis
• Must demonstrate expertise with handling major malware outbreaks/major incident response workflows in a large/distributed enterprise environment
• Possess excellent customer handling skills along with extensive hands-on skills in defining and creating operational/procedure documents
• Possess knowledge of ITIL processes like Incident Management, Problem Management, Configuration Management and Change Management
• Possess demonstrated excellence in verbal & written communication skills with a bias toward constant communication with all stakeholders; updating all parties regularly & escalating appropriately to management, without being prompted, to ensure superior customer service delivery

Preferred qualifications:

• One or more certifications for vulnerability assessment analysts: GPEN, GWAPT, GSNA, GMON, GISF, GAWN, GWEB, GXPN, CEH, GNFA, OSCP, OSEE, OSCE, OSWP, CISSP, GSEC

Responsibilities:

• Directly contributes to the implementation of Primes Security technology roadmap & TRO security controls; generates regular metrics from all supported VA product platforms and reports status and challenges on a weekly basis

• Actively monitors all ServiceDesk ticketing queues for the Vulnerability Assessment function to ensure quality of customer service, quick response & reliable solutions within established Service Level Agreements

• Serves as an expert engineer in product architecture, configuration, development, transition to operations and sustainment

• Works with the Governance Risk & Compliance (GRC) team to draft, update or improve applicable departmental policies, procedures, standards and configuration guidance in a timely manner

• Works with SOC, Incident response and Security Assessment & Penetration testing teams for cross functional collaboration

• Coordinate team activities during the patch cycles, Zero-day vulnerability events, and security incidents
• Validate scan findings, prioritize based on risk metrics (CVSS, EPSS, VPR) and provide actionable recommendations and familiarity with NVD, MITRE ATT&CK, and threat intelligence integration
• Ensure compliance with regulatory requirements (HIPAA, NIST etc.) related to vulnerability Management

• Champions agile and effective change management & actively utilizes change management system to convey impact & timing of changes, updates change requests (CRs) in timely manner and provides all relevant information to communicate change effectively, updates CRs before, during and after changes, regularly attends Change Advisory Board (CAB) meetings and provides required feedback to all stakeholders

• Manages one or more projects, initiatives and work efforts simultaneously without requiring direct supervision or prompting, regularly updates management with regard to status, updates project management portals/operational task tracking and other reporting tools in a timely and consistent manner

• Directly manages vendors and vendor support staff to ensure that all Vulnerability Assessment products, platforms & solutions are kept up-to-date, configured for maximum value, adhere to best practices, deliver required results and meet the needs of the organization (this will require regular meetings with all major vendors & VARs)

• Coordinates with IT & TRO stakeholders to develop follow-up action plans which address reportable issues and communicate with other relevant technologists to determine strategies to remediate security threats and vulnerabilities

• Configures, launches, troubleshoots, reviews and assesses successful enterprise-wide scanning operations, analyzes trends, and provides contextual reporting to senior management and system owners on a regular basis

• Assists in the preparation of program planning, engineering work breakdown structure, task estimation and scheduling in support of internal and PMO projects

• Serves as the highest point of escalation/Subject Matter Expert (SME) for VA product platforms and other technical solutions

• Creates technical documents, drawings, how-to guides and other deliverables as needed and continually updates operational information in a consolidated department file-share (MS Teams/SharePoint) document repository

• Contributes actively to the mentoring, training and development of other team members

• Complies with all Prime training and compliance educational mandates

• Performs escalation of critical issues or challenges to management in a timely and consistent manner

• Maintains/updates/consolidates internal documentation and diagrams for security configuration, point-products and solutions, data-flow-diagrams, and other relevant information regularly as changes occur

• As Team Lead, analyze and approve Security Exception Request (SER) tickets on behalf of the VA function to ensure that all critical security controls are implemented with minimal policy exceptions; ensure that any SERs provisioned uphold the principle of least privilege (PoLP), are centrally documented/tracked, reviewed periodically, and are understood by all IT & TRO stakeholders

• As Team Lead, work with the Cyber Defense Manager to set the technical direction for the VA team and take point on reporting team metrics on a weekly basis

• As Team Lead, develop, enrich and continuously improve VA reporting metrics

• As Team Lead, take ownership of coordinating/planning all VA projects

• Performs other duties as assigned or required