Decypher is seeking Cyber Operations Team Lead candidates to support the US Government at Wright Patterson Air Force Base, Dayton, OH. This position will oversee Cyber Operations and be the single point of contact for all cyber-related issues for both internal and external customers. The successful candidate will possess IAM Level I certification, 2 years' experience managing Cybersecurity/Information Assurance programs, and experience with the RMF process. US Citizenship and active TS/SCI clearance required.
Decypher is a leading integrator of professional, technology, and management solutions and services. We provide our services globally to Federal, Commercial, Local and State clients. Our employees are our most valuable asset and play an integral role in the success of Decypher and our clients. Working at Decypher is not a job, but a career where your talent and energy are respected and you can personally make a difference. Decypher invites you to join our professional team. Decypher is an equal opportunity/affirmative action employer committed to diversifying its workforce (M/F/D/V).
* Lead the Cybersecurity team, facilitating the assessment and authorization (A&A) and continuous monitoring of approximately 65 operational national security systems
* Support the Cybersecurity Branch, Information System Security Managers (ISSMs), and Information System Security Officers (ISSOs) in the oversight and execution of organization-wide Cybersecurity programs through the creation, maintenance, and delivery of policy, process, documentation, and training.
* Provide analytical support and risk assessment for output from cybersecurity capabilities such as endpoint security, audit logs, and vulnerability scanning
* Ensure Cybersecurity team members follow established procedures, meet agreed Service Level Agreements, and perform monitoring (network, system, environmental) of multiple data centers/facilities
* Maintain a help desk function for cybersecurity-related trouble tickets, ensuring all tickets and requests are assigned to the appropriate SME, tracked and reported, and resolved
* Review, update, maintain, and create, when needed, Cybersecurity policy documents and Standard Operating Procedures to establish and maintain proper oversight of organizational Cybersecurity programs. Develop communication plans and training to accompany policy and procedures when required
* Evaluate, conduct process-improvement analysis on, propose improvement strategies for, and implement streamlined processes for all Cybersecurity branch functions: Assessment & Authorization (A&A), defensive cybersecurity functions, and TEMPEST/EMSEC. Appraise policies and requirements governing these processes and ensure compliant repeatable processes are developed, documented, and implemented.
* Restructure, redesign, and reorganize the Cybersecurity SharePoint site such that resources, guidance, and training are logically organized and readily accessible to all Cybersecurity customers.
* Assist with the identification and tracking of applicable hardening guidance such as DISA STIGs and vendor-provided hardening guides. Assist with the interpretation and application of hardening requirements when required.
* Ensure Cybersecurity processes integrate with configuration management processes and, as part of a team, evaluate and acquire approval for changes to authorized systems.
* Assist with the development, tracking, reporting, and completion of System and Program Plans of Actions and Milestones (POA&Ms) to resolve either self- or externally-identified deficiencies.
* Document and track unmitigated vulnerabilities and approved exceptions to policy.
* Support RMF system assessments and security/cybersecurity inspections. Produce security assessment reports and/or inspection reports as required.
* Analyze, interpret, and create actionable information from the output of enterprise cybersecurity capabilities such as the Security Information and Event Management (SIEM) tool, endpoint security, network boundary protection, network intrusion detection, vulnerability scanning, and Security Content Automation Protocol (SCAP) compliance scanning.
* Assess the risk from individual vulnerability and threat events as well as the overall enterprise risk and propose mitigations to reduce residual risk. Incorporate data from all available sources to support NASIC continuous monitoring and risk assessment. Develop and present risk scoring in accordance with NIST guidance and best practices
* Provide monthly reporting
* Provide emergency notification of critical system breaches affecting the Government mission.
* Perform notification recalls to subject matter experts (SMEs), leadership and/or external agencies based on alarm/event types
* Coordinate response actions and document artifacts for after action analysis
* Manage Cybersecurity personnel schedules
Required Experience and Skills
* IAM Level I certification
* 2+ years' experience managing Cybersecurity/Information Assurance programs within the DoD
* Training, experience, or formal education in the accreditation of DoD information systems under the RMF
* TS/SCI clearance
Desired Education and Experience
* Bachelor's degree in relevant field
* Training, experience, or formal education in the Capability Maturity Model Integration (CMMI), Information Technology Infrastructure Library (ITIL), or Information Technology Services Management (ITSM) Methodologies