***Candidates must be able to obtain a Public Trust
***W2 Only, No C2C
Position Summary:
The System Security Lead is responsible for safeguarding the IT infrastructure by implementing and managing security protocols, conducting vulnerability assessments, and ensuring compliance with federal security standards. This role includes monitoring security systems, addressing potential threats, and working with other IT teams to maintain a secure environment. The System Security Lead will be integral to developing and enforcing security policies and ensuring that all systems and applications meet stringent security requirements.
Key Responsibilities:
- Security Oversight: Manage and maintain the security of IT systems, including implementing security controls, monitoring for threats, and addressing vulnerabilities.
- Compliance Management: Ensure that all systems comply with federal standards, including FIPS, NIST SP 800-53, and NIST SP 800-171, and oversee adherence to security protocols across the IT environment.
- Incident Response: Lead efforts in security incident management, including threat detection, incident analysis, containment, eradication, and recovery.
- Policy Development: Develop, implement, and enforce security policies and procedures, ensuring that security best practices are consistently applied across all IT systems.
- Risk Assessment: Conduct regular risk assessments and vulnerability testing, generating reports and recommending improvements to mitigate identified risks.
- Collaboration: Work closely with the IT Operations and Applications teams to support secure application development, network protection, and data center security.
Qualifications:
- Education: Bachelor’s Degree in Computer Science, IT Management, Engineering, or a related field. An additional four years of relevant experience may substitute for a degree.
- Experience: Minimum of 5 years in security systems analysis, including hands-on experience with risk assessment, vulnerability analysis, and threat mitigation.
- Skills and Competencies:
- In-depth knowledge of federal security standards, including FIPS, NIST, and cybersecurity best practices.
- Strong analytical and problem-solving skills, with a proactive approach to identifying and mitigating security risks.
- Excellent communication skills to provide clear security guidance to technical and non-technical stakeholders.
Preferred Qualifications:
- Relevant security certifications, such as CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager).
- Experience working within federal government or regulated environments, with familiarity in complying with federal security protocols.
ECCO Select’s Comprehensive Benefits:
- PTO + Paid Holidays
- 401(k) plan + company match
- Life & Health
- Employee Assistance Program
Our Commitment
ECCO Select is committed to hiring and retaining a diverse workforce. ECCO Select’s policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category.
Equal Employment Opportunity is The Law
This Organization Participates in E-Verify