GovCIO · 14 hours ago
Sr. Cyber/Cloud Security Specialist
US-DC-Washington
Full-time
Hybrid
Senior Level, Lead/Staff
$185K/yr - $200K/yr
12+ years expGovCIO is currently hiring for a Sr. Cyber/Cloud Security Specialist to serve as Lead Information Technology Specialist and Cybersecurity Operations. This role involves contributing to the Agency’s IT Security Program and advising on cybersecurity developments while directing the Commission’s Cybersecurity Operations cell.
ConsultingIT InfrastructureIT ManagementManagement Consulting
No H1B
U.S. Citizen Only
Responsibilities
Serve as Lead Information Technology Specialist (INFOSEC), Cybersecurity Operations (SECOPS) responsible for contributing to the Agency’s IT Security Program, directs SECOPS, coordinates, and maintains inputs to EEOC's IT Security Program
Advise and support the Chief Information Security Officer (CISO) on developments in Cybersecurity (CS), Information Security (INFOSEC) and IT Security emerging technical threat vectors, advanced persistent threats (APT), attack surface or weaknesses
Advise Agency-level technical implementation or introduction of policy and orders, proactively developing supporting documentation and drafts for implementation
Direct the Commission’s Cybersecurity Operations (SECOPS) cell, influences a range of the EEOC’s operations, many of which have a direct and corresponding impact to the mission of the EEOC and its' critical infrastructure
Enables and administrates incident handling (IH) and response (IR), security incident and event management (SIEM) dashboards, inputs, “playbooks” and metrics to achieve efficiency
Facilitates, coordinates, and administers EEOC's Cybersecurity Operations (SECOPS) in support of the Information Security (INFOSEC) Program, and aids Agency Information system security program officers. Ensures accurate and timely status reporting of SOC efficiency metrics and recommends necessary adjustments
Advising authority for threat, vulnerability, and configuration management; conveys threat product recommendations to EEOC staff and customers; and provides expertise and insight to OIT for industry attack trends, mitigations, and active defenses
Qualification
Required
Bachelor's degree in Cybersecurity, Information Assurance or Information Security with 12+ years (or commensurate experience)
Ability to guide discussions, support CISO decisions with or without team support and effectuate positive cybersecurity changes at varying levels - users, developers, system admins, Directors, Managers and Executives where necessary
Demonstrated experience as a SOC lead or Senior Team successfully engaging with managed security service providers (MSSP), Joint Cybersecurity external entities (e.g., CISA, CYBERCOM) on incident response (IR), weakness, incident handling (IH) and vulnerability management (VM), including mitigating actions to contain activity and facilitating forensics analysis when necessary
Documented applied theory as SOC Manager or Team lead conducting and guiding in-depth evaluations of current INFOSEC/IT Security/Cybersecurity tactics, technics, and procedures, to include their effect on baseline configurations
Demonstrated proficiency as a SOC manager or Senior Team lead providing cybersecurity hygiene and posture status, support debriefings and input in support of Governance, Risk, and Compliance (GRC) activities, and ongoing evolutions
Provide network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
Demonstrated experience as a SOC manager or Senior Team lead with expertise conducting and guide log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources
Security implementation techniques and strategies in web services. Solid understanding of securing web technology, Microsoft cloud (e.g., Azure, M365, etc.) security knowledge and demonstrable abilities
Skilled security evaluation of complex web portals (e.g., Java, APIs, Ruby,; databases (i.e., SQL , Oracle) using commercial or open-source tools such as SQLmap, mongoaudit, etc
Near Expert Web Application Attack and Audit Frameworks to include Security evaluation of applications and websites using commercial or open tools NMAP, W3af, etc
Near Expert execution of a continuous monitoring and remediation program using commercial or open tools (i.e., Azure Security Center, Defender for Cloud, NMAP, Wireshark, Qualys)
Near Expert execution of an end-point detection and response (EDR) remediation program using commercial or open tools (i.e., HBSS, SEP, Defender)
Near Expert knowledge of and experience coordinating security operation center (SOC) principles, incident handling (IH), incident response (IR) as well as exploitation tactics, techniques, and procedures (TTP)
Facilitate the adoption of security best practices with functional teams (i.e., developers, database administrators, web application administrators) using technical knowledge and interpersonal skills
Clearance Required: Must be able to acquire an EEOC Public Trust
Preferred
Most Desirable Certification(s): CISSP, OSCP, GCIH, GPEN, GSEC, GSNA, GAWN, GCIA, GSE, GWEB, GPPN, GCED, GCID, CCSP, GCWN
Benefits
Employee Assistance Program (EAP)
Corporate Discounts
Learning & Development platform, to include certification preparation content
Training, Education and Certification Assistance*
Referral Bonus Program
Internal Mobility Program
Pet Insurance
Flexible Work Environment
Company
GovCIO
GovCIO is a business consulting firm that focuses on cyber security, digital, data, management and mission services, and IT services.
1001-5000 employees
Funding
Current Stage
Late StageLeadership Team
Lynn Oakes
Sr. Vice President, Contracts at GovCIO
Andre Green
Vice President Special Operations Support Solutions (SOSS) GOVCIO
Recent News
Washington Technology
2026-01-14
2026-01-14
Washington Technology
2025-11-26
Company data provided by crunchbase