Cybersecurity Operations Job Description
Cybersecurity Operations Duties & Responsibilities
To write an effective cybersecurity operations job description, begin by listing detailed duties, responsibilities and expectations. We have included cybersecurity operations job description templates that you can modify and use.
Sample responsibilities for this position include:
Cybersecurity Operations Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cybersecurity Operations
List any licenses or certifications required by the position: CISSP, CISM, CISA, SSL, CRISC, CEH, COMPTIA, CCSP, ITIL, FIPS
Education for Cybersecurity Operations
Typically a job would require a certain level of education.
Employers hiring for a cybersecurity operations job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Information Systems, Technology, Engineering, Information Technology, Technical, Information Security, Computer, Computer Engineering, Education.
Skills for Cybersecurity Operations
Desired skills for cybersecurity operations include:
Desired experience for cybersecurity operations includes:
Cybersecurity Operations Examples
Cybersecurity Operations Job Description
- Conduct on-site required IA tests and document the results of the tests
- Attend Meetings and Conference Calls
- Identify Risks as they are associated with Cybersecurity
- Act as a cybersecurity expert during software development, software integration, Information Assurance (IA), Test & Evaluation (T&E) and Validation & Verification (V&V)
- Provide expertise on the Risk Management Framework that aligns both with the MCSC Certifier standards and HQMC C4 IA Designated Accrediting Authority (DAA) requirements
- Conduct system scans using Assured Compliance Assessment Solution (ACAS) and provide mitigation or remediation of findings
- Plan and lead the deployment of security technologies to monitor appliances for security risks and compliance
- Use your winning personality to influence broader Engineering, Operations, and Technology groups in adopting security compliance controls and processes
- Develop workflows, deploy tools and conduct reviews to make sure the lines of business understand security compliance requirements
- Effectively tune platform performance and assess the overall quality of delivered security solutions
- Experience developing, implementing, and executing security and controls assessment test plans
- Experience assisting with incorporating approved changes in the policy and other applicable documents
- Experience ensuring that system security requirements are addressed during all phases of the system life cycle
- Experience shepherding issues found during routine scans through a mitigation process
- Experience developing and implementing action plans to mitigate IA risks
- Experience in developing scripts to fix STIG-related findings
Cybersecurity Operations Job Description
- Evaluate & build different security frameworks for all tiers and implement scalable security solutions
- We're looking for self-starters, who can lead teams and work with stakeholders
- Works closely with enterprise IT, Delivery, and other functional area specialists to ensure adequate security solutions are engineered and deployed across the enterprise and together with other platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements
- Own user behavior analytics on behalf of the company
- Fully support the deployment and platform maturity through expansion design, capacity planning and configuration
- Remediation of system health-related alerts including on-call, overnight response, software/hardware failures and/or user-related issues
- Administrative maturity of the platform including patching and implementing security best practices
- Integration of key intelligence metrics into the platform to add value to the existing platform content
- Work with the vendor and customer (analysts) in fully utilizing the tool for an increased enterprise security posture
- Collaborate with cross-functional and/or cross-segment teams and influence the decision to incorporate IRM point of view
- Able to follow Operational processes and workflows
- Familiarity with DISA ACAS tool and Vulnerability Management System (VMS) REQUIRED
- Experience with NIST SP 800-53 and the Risk Management Framework
- Experience conducting system assessments and vulnerability testing in accordance with DoD Instruction 8500.2 Information Assurance Implementation
- Experience performing Security Technical Implementation Guides (STIGs) assessments for application servers and database security technical implementation
- Experience with scanning software and following STIGs to secure software and hardware in order to secure systems and reduce or eliminate security vulnerabilities
Cybersecurity Operations Job Description
- Ensure active monitoring of network and endpoint inventory
- Support data collection from McAfee ePO and IP360 into a ServiceNow repository
- Work with HP internal partners, vendors, and service providers to provide documentation for regulation compliance and adherence to applicable laws, industry and regulatory requirements, HP Cybersecurity policies and standards
- Perform incident management/response across the enterprise and provide consistent security monitoring, response, follow-up investigation, and determination of root cause
- Extensive experience in security engineering and/or operations with hands-on experience
- Acts as an extended part of the Incident Response team when required
- Partner with Finance & Business Management to provide direction, advice and analytics across the team to ensure key financial & staffing targets are well-understood and managed, assist in tracking real estate footprint globally and coordinating moves and additional seats required across all locations
- Oversee the operations and security assurance organization, consisting of direct reports and indirect reports (including FTE employees, contract and MSS staff, external service providers and key technology partners and vendors)
- Manage the day-to-day operational tasks of the RPA team
- Assist with development of new automated processes
- Experience with Agile software development methodology, VMware vSphere, SCAP Compliance Checker (SCC), and Tenable Nessus
- Experience in system assessments for DoD IT systems
- Strong familiarity with DISA and DoD mandated Information Assurance practices
- Experience conducting vulnerability testing on Windows-based systems
- 6+ years’ experience in the Certification and Accreditation process or equivalent technical experience with the Defense Information Assurance Certification & Accreditation Process (DIACAP) with a full understanding of the System Development Life Cycle
- At least 5 years of experience with security tools and infrastructures
Cybersecurity Operations Job Description
- Apply knowledge of tactical to strategic level intelligence analysis of Cyber threats, vectors, and actors in support of Cyber defense and computer network operations
- Define and implement operational process improvements to streamline the work intake and automation processes within the RPA team
- Manage and undertake core technical reviews to ensure consistent high quality and minimal rework of automated processes
- Contribute to the further development and implementation of RPA across the enterprise
- Act as key liaison between ECS and the central RPA operations team
- Information Security & Access Management (50%)
- On behalf of Global Cybersecurity, prepare and deliver regular written and verbal briefings across all levels of the enterprise as to the benefits and results of the threat modelling
- Maintain regular contact and liaison with internal partners across the enterprise to ensure a full understanding of their business processes, requirements and to respond to ad hoc requests as required
- Identify and action opportunities to improve and progress support to the business both generically and in times of a specific need
- Manage existing capability in collecting, analyzing, escalating, and responding to cyber attacks and assist in maturing overall program
- At least 5 years of experience with networks and systems
- At least 5 years of experience working in mixed technology environments
- 1 year of experience with core infrastructure components
- 1 year of experience with SOX and regulatory and statutory compliance
- Strong knowledge of information security related analytics including user behavior analytics
- 5 or more years relevant information security work experience
Cybersecurity Operations Job Description
- Administratively ensure tools are functioning as designed to optimize delivery of threat alert data for analysis
- Lead cursory and/or in-depth analysis
- Review their requests, analysis and conclusions for delivery of additional SIEM content
- Develop and enhance an information security management framework based on the International Organization for Standardization (ISO) 27001 and National Institute of Standards and Technology (NIST) standards to integrate and normalize the wide variety and ever-changing requirements resulting from laws, standards and regulations
- Develop the metrics and reporting framework to provide status of the information security program to enterprise risk teams, senior business leaders, and the board of directors as part of a strategic enterprise risk management program
- Monitor the external threat environment for emerging threats, advising relevant stakeholders, and coordinating with external agencies, such as law enforcement and other advisory bodies, to ensure that the organization maintains a strong security posture
- Lead the Center for Cybersecurity Operations Education and provide administrative guidance in the development of the center
- Develop and enhance strategic partnerships with industry, government, and military
- Prepare and submit grant proposals related to training and workforce development
- Teach a director-level course load (2-2 or 2-1-1 workload) of cybersecurity courses and maintain faculty qualifications in the Department of Computer Science and Information Systems (including teaching, scholarship/research, and service)
- 1 or more years of Linux experience
- Understanding of cybersecurity environments
- Ability to collaborate with internal and external stakeholders, communicate with high-level management
- Understanding of security threats, techniques, landscape and self-driven desire to research current information security landscape
- Prior experience working in a large matrix organization and managing change, ambiguity, and urgency
- Security tools experience (such as Gurucul, SIEM and/or ArcSight, etc.)