Ensures, or participates in ensuring, the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools (both open source and commercial) as it specifically applies to security operations threat intelligence, intelligence-driven detection, response, and remediation of cyber security incidents that affect the Department. Presents operational status and incident response outcomes to Department executives and managers.
Evaluates, acquires, configures, and uses software intended to mature the abilities to gather intelligence, detect abnormalities in systems and networks, investigate abnormalities and determine if they are cyber events or incidents, respond to those incidents, and work with organizations and users to remediate the incidents.
Manages the lifecycle of security operations projects from concept development through implementation. Identifies customer requirements, develops technical approaches, and coordinates project resources related to project costs and schedules and to advancing process maturity to align with technology.
Performs or participates in a range of cybersecurity incident management activities that extend or apply to an entire organization or major components of an organization. IT management activities include strategic planning, capital planning and investment control, workforce planning, policy and standards development, resource management, knowledge management, architecture and infrastructure planning and management, auditing, and information security management. Plans, develops, and implements systems and IT policy changes.