Company Job Title:
IT Security Lead
Director of Business Development
Exempt, Full Time, Regular
The IT Security Lead will work with NJVC's customer, the Office of the CIO (OCIO) of the Alcohol and Tobacco Tax and Trade Bureau (TTB) under the Department of the Treasury in achieving their mission. The IT Security Lead is responsible for managing all work across program area 5, Information Security.
Duties and Responsibilities:
Maintain the InfoSec strategic plan and five-year roadmap;
Maintain the InfoSec operating plan and oversee tracking, reporting, and resource allocation of security team tasks, projects and goals;
Facilitate project and task status meetings with OCIO staff and other key stakeholders;
Outreach activities to the bureau population;
Support Enterprise Configuration Control Board (ECCB), Architecture Working Group (AWG) and other security committees;
Coordination of penetration testing activities;
Assist OCIO staff with FISMA, Public Key Infrastructure (PKI), and other data calls;
Assist OCIO staff with implementing changes to IT policies and procedures as needed when government regulations change, as needed to streamline, and/or become obsolete; and
Modernize and secure TTB's technology and information resources
Improve customer value by increasing the quality and lowering the cost of TTB's IT Products and Services
Design user-friendly tools and programs to improve customer service, lower barriers to voluntary compliance, and deliver trusted services
provides leadership, guidance, and direction in applying IT resources by adopting the OCIO IT goals as the standard
Provide OCIO with the resources providing Information Technology - Program Management (IT-PM) Support Services. These support services are organized into five program areas:
Infrastructure and Customer Service
Software Development and Maintenance/Software Quality Assurance,
Data Management and Architecture/IT Strategic Planning,
Acquisitions and Budgeting, and
Support correction of security program deficiencies.
Support TTB Public Key Infrastructure (PKI), smart card and biometric activities;
Support implementation and troubleshooting for logical access control systems (LACS), Credentialing Unit (CU) and light Activation Kits (LAK's), using Personal Identity Verification (PIV) cards;
responsibility to secure TTB mission critical information system resources, ensure adequate management, operational and technical security controls are implemented to protect the confidentiality, availability and integrity of TTB information system throughout its lifecycle.
Provide security architecture support for new and existing infrastructure, application, cloud, and security projects;
Provide hands-on, technical design, administration and implementation support for new and existing security tools and solutions;
Perform system upgrades to security tools and solutions and ensure no end of life/support products are being used;
Perform system/application technical reviews to ensure adequate security controls are included as part of the system/application;
Conduct security products/services testing and evaluations;
Recommend and implement technical controls/measures to correct system/application security deficiencies;
Provide architecture, design, and implementation support for security analytics platform and tools;
Provide guidance and oversight of Web Application Firewall (WAF) and source code scanning policies;
Support security aspects of Internet Protocol (IP) version 4 to IP version 6 transition planning and implementation; and
Research, evaluate, test, and recommend new emerging security tools and technologies to address gaps in security coverage or replacement of old technology.
Plan, direct, or coordinate activities in such fields as electronic data processing, information systems, systems analysis, and computer programming
Act in a supervisory and leadership role across this work area as well as supporting TTB to maintain its Information Security Program and IT security infrastructure
Other duties as assigned
(To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.)
Must be a U.S. Citizen or Lawful Permanent Resident Alien with at least three or more years of U.S. residency from the legal entry date in the U.S.
CISSP or equivalent certification
Minimum of 10 years professional experience related to Enterprise Network Design and Support:
A minimum of 6 years of experience related to information and cyber security / network defense
MS or BS w/ additional 2 years of experience
Knowledge, Skills and Abilities:
Customer and Personal Service Knowledge of principles and processes for providing customer and personal services. This includes customer needs assessment, meeting quality standards for services, and evaluation of customer satisfaction.
Engineering and Technology Knowledge of the practical application of engineering science and technology. This includes applying principles, techniques, procedures, and equipment to the design and production of various goods and services.
Technical certification in specialized area of cloud, database, and/or cyber security
Physical Demands: (The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)
Work Environment: (The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.)
The employee will normally work in a temperature-controlled office environment, with frequent exposure to electronic office equipment.
During visits to areas of operations, may be exposed to extreme cold or hot weather conditions. Is occasionally exposed to fumes or airborne particles, toxic or caustic chemicals, and loud noise.
Chenega Corporation and family of companies is an EOE.
Equal Opportunity Employer Minorities/Women/Veterans/Disabled/Sexual Orientation/Gender Identity
Native preference under PL 93-638.
We participate in the E-Verify Employment Verification Program.