Key Responsibilities
Security Operations & Monitoring
- Monitor enterprise systems using CrowdStrike Falcon (EDR), Splunk (SIEM), and Tenable (Vulnerability Management).
-
Detect, investigate, and respond to threats, focusing on Controlled Unclassified Information (CUI) protection.
-
Maintain dashboards, alerts, and reports for proactive risk detection and escalation.
Vulnerability & Risk Management
- Conduct vulnerability assessments using Tenable tools and track remediation efforts.
-
Support patch management and configuration management to minimize risks.
-
Provide metrics and updates on risk posture to leadership.
Compliance & Documentation
- Maintain and update System Security Plans (SSPs) to reflect security control implementations.
-
Support internal and external audits (IRS, CMS, SSA, NIST, FISMA) with required documentation and evidence.
-
Ensure adherence to evolving compliance frameworks (e.g., NIST SP 800-53 Rev. 5).
Incident Response
- Triage and analyze security incidents across enterprise systems.
-
Collaborate with IT and business stakeholders on containment, eradication, and recovery.
-
Deliver incident reports, root cause analyses, and lessons learned documentation.
Security Awareness & Training
- Develop and deliver targeted security awareness programs.
-
Provide specialized training for privileged users and administrators.
-
Track and report on training participation and effectiveness.
Reporting & Communication
- Generate actionable insights through Splunk dashboards, Tenable reports, and CrowdStrike summaries.
-
Provide executive-level updates on risks, compliance, and incident trends.
-
Track remediation activities and ensure timely resolution.
Required Qualifications
- Bachelor’s degree in Information Security, Cybersecurity, IT, or a related field (or equivalent experience).
-
Hands-on experience with Splunk, CrowdStrike Falcon, and Tenable Nessus/Tenable.sc.
-
Strong understanding of CUI protection requirements and compliance frameworks (NIST, FISMA, IRS Pub 1075, CMS, SSA).
-
Experience in incident response, vulnerability management, and risk assessments.
-
Excellent analytical, documentation, and communication skills.
-
Preference will be given to candidates with State of Georgia experience.