Cybersecurity Team Lead
San Diego, CA

Job Description

Primary Purpose:

Proactively lead a team of vulnerability management professionals with the responsibility of implementing progressive processes , following industry best practices to identify, document, mitigate & resolve vulnerability related risks. This position will also act as a sole contributor at times, but is primarily responsible for leading a team of analysts to accomplish the overall vulnerability management mission.

Duties and Responsibilities:

* Develop, implement, and execute industry-leading vulnerability management services, vulnerability remediation and patch management oversight.
* Plan and execute vulnerability assessments.
* Identify and resolve false positive findings in assessment results.
* Analyze threat and vulnerability feeds and analyze data for applicability.
* Responsible for generating timely vulnerability assessment reports to management and stakeholders.
* Produce vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness.
* Recommend security controls and/or corrective actions for mitigating technical and business risk.
* Maintain an awareness of existing and proposed security standards, industry best practices, legislation and regulations pertaining to information security and recommend appropriate changes.
* Work with the business developers to maintain a Secure Software Development Lifecycle (SDLC).
* Development of Red Team exercise strategy and areas of concentrated focus.
* Publication of Red Team exercise reports detailing red team assessment results and recommendations.
* Performs other duties as assigned (no more than 5% of duties).

Education:

* Bachelor's Degree Computer Science or related discipline required.

Experience:

* 5-7+ Related experience.
* 5+ Years of experience in performing vulnerability assessments.
* 5+ Experience securing multiple platforms and operating systems.
* 5+ In-depth knowledge of technology, security, risk, and compliance best practices.
* 2+ Experience in a lead or management role a plus.

Skills and Abilities:

* Strong knowledge of CVSS rating system, NVD metrics.
* In-depth technical knowledge of various operating systems' security programs, communication ports and protocols.
* In-depth knowledge of leading Vulnerability scanning platforms -- Certifications desired.
* JAVA, J2EE, OO, XML, Web Services, Internet/Extranet/Intranet.
* Ability to think critically and work independently to meet objectives.
* Ability to think critically and work independently to meet objectives.
* Ability to multi-task and prioritize.
* Ability to brief technical risks and issues to executives and business leaders.
* Ability to be careful and thorough about detail.

Licenses and Certifications:

* SANs GIAC certification ( e.g., GPEN or GW APT) requied.
* ISACA Certified Information Systems Auditor (CISA) required.
* EC-Council Certified Ethical Hacker (CIEH) a plus.
* Offensive-Security Certified Professional (OSCP) a plus.
* (ISC)2 Certified Information Security Professional (CISSP) a plus.