Senior Cyber Job Description
Senior Cyber Duties & Responsibilities
To write an effective senior cyber job description, begin by listing detailed duties, responsibilities and expectations. We have included senior cyber job description templates that you can modify and use.
Sample responsibilities for this position include:
Senior Cyber Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Senior Cyber
List any licenses or certifications required by the position: ITIL, II, IASAE, IAT, SANS, CISSP, CEH, SSCP, CISM, DOD
Education for Senior Cyber
Typically a job would require a certain level of education.
Employers hiring for the senior cyber job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's or Master's Degree in Computer Science, Engineering, Technical, Information Security, Technology, Cyber Security, Information Technology, Education, Science, Computer Engineering.
Skills for Senior Cyber
Desired skills for senior cyber include:
Desired experience for senior cyber includes:
Senior Cyber Examples
Senior Cyber Job Description
- Security administration is a hands-on role that requires a high level of technical expertise including networking, operating systems, and security
- Performs root cause analysis of vulnerabilities and works with teams to remediate them
- Produce vulnerability, configuration, and coverage metrics and report those metrics to demonstrate assessment coverage and remediation effectiveness
- Proactive and a self-starter, being able to manage your time effectively
- A good technical understanding of systems and networks (IP/routing)
- Conducts security tests using automated tools, ad-hoc tools, and manual testing
- Conducts penetration testing against different technological domains including, but not limited to, web products, hardware products, wireless products, software, cloud-based software, and smart device applications
- Assesses and calculates the risk based on vulnerabilities and exposures discovered during testing
- Creates required information security documentation, technical reports, and formal papers on test findings, and completes requests in accordance with requirements
- Handles and completes customer projects to the defined requirements in the timeframe required by the customer with the highest quality and integrity of work
- 10 - 15 years of related professional experience within Information Technology and/or Information Security or equivalent combination of education and work experience
- Candidates must be able to work a flexible schedule within a 24x7x365 Security Operations Center (SOC) environment
- Bachelor's degree and 12+ years of experience in Information Technology, including Cyber Security
- Experience with security scanning and evaluation tools (Nessus, Retina, Wireshark, NMAP, EnCASE)
- Intermediate proficiency and recent experience (last 3 years) performing NETFLOW and PCAP analysis using common analysis tools (Wireshark, Splunk, ChopShop, Dshell, Network Miner, Moloch, etc)
- Strong or intermediate ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity
Senior Cyber Job Description
- Develop vulnerability assessments and penetration testing protocols
- Detect unwanted attempts at accessing, manipulating, and/or disabling of information systems using a variety of tools, techniques, and methodologies to defend against system and network intrusions
- Produce measurements and metrics and report project status; develop and refine standard operating procedures
- Participates in an on-call rotation with department
- Support us with initial assessment of BTS feeder system interfaces to support financial reconciliations and support remediation of IT Controls and transition to RMF security requirements
- Performs cyber security tasks such as system administration, requirements definition, analysis, design, programming, testing, and implementation
- Responsible for SRP's compliance with various federal and state regulations and industry compliance requirements
- Ensuring SRP's cyber security policies reflect current compliance standards
- Monitors and analyzes network traffic to identify unusual activity patterns and to recognize malicious attacks
- Be an advocate for Secure design of automation and industrial control systems
- CIPP or CIPP/IT certified
- Bachelor's degree from an accredited college/university preferred and three years of work experience in an Information Security role
- Broad knowledge of security systems and controls covering physical, procedural and technical areas with appropriate SME knowledge in some subjects
- Experience in security consultancy, risk assessment and compliance activity in corporate and government environments, including exposure to ISO27001 and other relevant management standards
- Knowledge and implementation experience of security best practices, including UK Government security requirements
- CCP SIRA and/or IA Architect desirable
Senior Cyber Job Description
- Performs exploit analysis and authors exploitation tools/techniques
- Demonstrate computer incident forensics (system, network, and/or malware) capabilities in order to build context
- Applies cyber security knowledge to help assess a variety of applications and deployment platforms that are under development
- Leads and directs the development of Risk Management Framework packages
- Manages the full range of security issues including architectures, software assurance, data transfer, and network access
- Performs research and analyses to identify and investigate solutions to complex cyber challenges
- Participates in relevant cyber security working groups
- May interface with external agencies (intelligence/government agencies)
- Maintain and expand the security architecture for Financial Guard through sound engineering processes
- Direct collation of records and reports concerning network operations and maintenance
- DoD 8570.1-M Compliance at IAT Level II (e.g., Certified Information Systems Security Professional (CISSP), GIAC Security Leadership Certification (GSLC), Certified Information Security Manager (CISM) certification)
- Documented education, specialization or certification in one (or more) of the following technologies or tools
- Experience in Python programming, PowerShell programming, and script development
- Knowledge and experience of DoD and USMC security certification processes to include risk management framework
- Must possess experience with DoD’s defense in depth architecture
- Must have CompTIA Security+ or higher certification
Senior Cyber Job Description
- Lead efforts to define processes and procedures that support secure design, development, and support of products
- Work with product engineering teams to understand cyber security test results to help identify remediation techniques that could be employed to address the findings
- Participate in and assist with the development of test protocols
- Creates reports and recommendations for the Information Assurance (IA) team review for application testing acceptance
- Ability to analyze and interpret test findings to identify inter-related findings and the root cause of issues
- Support the Governance and Risk Compliance processes where test findings are captured and raised for review and incorporation in product engineering design
- Provide technical SME input to internal and external stakeholders and projects
- Development and support of security solutions that uplift CSOC (Cyber Security Operations Centre) capability
- Day to day support, administration and monitoring of solutions/platforms
- Uplift legacy solutions/platforms to maintain supportability
- Demonstrated success leading and/or conducting security analysis, incident response or information assurance assessments
- Organizational-understanding of corporate and government enterprise IT solutions
- Demonstrate manual product penetration testing
- 3 years of experience with HBSS, Windows Server 2003/2008R2, file/system storage
- A degree in Computer Sciences, Cybersecurity, Information Systems, or related field required or equivalent combination of education and work experience
- Strongly prefer considerable knowledge and experience with both dynamic and static code scanning tools such as WhiteHat, Fortify, WebInspect, Veracode, etc
Senior Cyber Job Description
- Development, research and deployment of analysis content for CSIRT consumption including meta-data, parsed log data and packet data, rules and alerts
- Programmatic enrichment and dissemination of intelligence from all available sources
- Automation of repeatable CSIRT processes related to workflow within platforms
- Collaboration with Curation functional role in deriving features from known IoCs and TTPs to develop behavioral or specific detection and response content
- Maintaining developed content documentation including how it aligns with different platform, automation and workflow mechanics
- Tracking dependent support issues
- Facilitate day to day operations for the Cyber Security and Intelligence Response Team
- Developing improved ways to curate, enrich and disseminate threat intelligence data
- Serve as level 3 analyst for escalations
- Perform POCs to further CSIRT technology stack
- The Cyber Response Senior Analyst is a member of the Cyber Security Operations Centre with primary responsibility for responding to events
- Broad appreciation and awareness of other cyber security technologies and how they are being deployed and integrated with own area of subject matter expertise
- Experience with Computer Network Defense (CND) technologies used in the Intelligence Community and technologies used in the wider commercial and government domains (including NIDS/NIPS, HIDS/HIPS, SIEMs)
- Bachelor's in Computer Science, or equivalent relevant and recent experience is required
- Ability to work collaboratively within the firm’s commercial, Cyber, and strategic innovation practices, leveraging knowledge and delivering for clients in a matrixed environment
- Direct experience in security operations center work, network event analysis, threat analysis, and/or intelligence analysis is strongly preferred, but not required if balanced by additional security experience (beyond two years) or technical skill