Company Overview: Visual Soft, Inc is seeking qualified candidates to work on our efforts with a Prime for their end customer, a federal agency.

Position: Cleared SENIOR SOC Analyst (Active TS is a MUST) -100% ONSITE, MUST be willing to undergo and obtain SCI from the agency

Location: Federal Intel Agency (Washington, DC)

# of positions: multiple

Shift time: 10 PM to 6 AM (Sunday to Thursday) --> available as of now. MUST be flexible to work in other shifts, if requested with advance notice by ONSITE manager.

• Support detailed discovery and analysis of intrusion detection security events that traverses the Agency's network, and assure quality work is performed.
• Act as the second tier escalation supporting Information Assurance Engineers and the Shift Team Lead.
• Ensure that all incidents are correct in review and construct all email notification messaging.
• Aggressively monitor and respond to alerts triggered in the SEIM tool or requests for assistance from customers.
• Use a variety of tools to investigate incidents and take immediate action or recommend a course of action to safeguard the Federal Intel Agency's systems.
• Document all incidents and create a clear narrative that supports conclusions.

Required Qualifications:

• Eight (8) years of security intrusion detection examination experience.
• Experience with a range of security technologies that produce logging data, including wide area networks, host and Network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs.
• Ability to communicate clearly both orally and in writing.
• Tools required: Splunk ES, Splunk SIEM, Fire Eye Wireshark, Snort, PCAP Analysis, Top 10 OWASP Vulnerabilities.
• Bachelor's degree.
• Active TOP SECRET clearance with the ability to qualify and obtain SCI.

Preferred Qualifications:

• Willingness to work with other cybersecurity technology tools.

Standard Benefits:

Our standard benefits include 3 weeks of Paid time off (PTO that includes sick leave). Any unused PTO will be issued as a check at the end of an employee's anniversary with us. We also provide 2 floating and 8 public holidays. Floating and holidays expire at the end of every year of service of an employee. In addition, company will cover 50% of health and dental insurances only for all full-time employees, however, dependents can be added at extra cost. Employee's health and dental coverage becomes effective after 30 days or first of the month after an employee completes initial 30 working days, we cover 50% for the employee's health and dental insurances. Dependents coverage for health and dental insurances is available as an out-of-pocket expense for employees. An employee has to finish all of your paperwork for health and dental in the first 30 days of your employment with us. We provide STD, LTD, and one-time salary equivalent of life insurance at NO cost to all full-time employees. All full-time employees or W-2 employees with no benefits will be eligible to participate in the company's 401k program after 90 days of employment with a company match of 4%, immediate vesting. In addition, all W-2 employees are eligible to be part of the company's profit sharing, no employee contributions required. We do 'not' pay for parking and commute and relocation expenses.

About this Opportunity

Technology Risk Management (TRM) is responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security.

The Application Security Assurance program implements a variety of AppSec (Application Security) technologies, controls, tools and processes to ensure delivery teams are able to adhere and align with the Secure System Development Lifecycle to protect DTCC applications from existing and emerging security risks & improve application risk posture.

• Assist in the execution of Application Security Testing (Ethical App Pentest / FOSS / Static or Dynamic Security Testing / Threat Modeling) within the bounds of the Processes and DTCC Control Standards.
• Support data-to-day activities related to Application Security functions.
• Align risk and control processes into day-to-day responsibilities to monitor and mitigate risk, and escalate where applicable.
• Collaborate with application development teams on application security assessments.
• Assists others on own team, or other teams where applicable.
• Actively contribute subject matter expert knowledge to the Security Mavens Community.
• Aligns risk and control processes into day to day responsibilities to monitor and mitigate risk; escalates appropriately

Required Qualifications

• Minimum of 4 years of related experience

Preferred Qualifications

• Bachelor's degree preferred or equivalent experience
• Fosters a culture where honesty and transparency are expected.
• Stays current on changes in his/her own specialist area and seeks out learning opportunities to ensure knowledge is up-to-date.
• Collaborates well within and across teams.
• Communicates openly with team members and others.
• Resolves disagreements between colleagues effectively, minimizing the impact on the wider team.

NA

Position Summary

Responsible for successfully executing enterprise-wide Information Security Operational controls and processes that protect the company’s data and functions across all business areas. Adhering to data protection standards, procedures, regulatory oversight, and technical solutions for the Information Security department.

Develop and execute a comprehensive Insider Threat strategy, responsible for program development, and effective operations of all associated controls. This position will be highly engaged cross functionally, always providing high quality security solutions to detect, assess, monitor, and respond for insider threats ranging from users to assets and manage security information to keep ahead of such threats.

Leads the Vulnerability Management program as a vulnerability management SME throughout a global technology organization with various legacy and modern systems within data centers and the cloud. Develops enterprise policy and technical standards with specific regard to vulnerability management and secure configuration.

Performs all duties in accordance with the company’s policies and procedures, all state, federal, and country laws and regulations, wherein the company operates.

In accordance with regulatory and audit requirements, this position will perform analysis of systems and programs, including the cyber-security related programs and initiatives. Delivery of activity reporting, including metrics, environment impact, effectiveness progress, and performance, and risk indicators.

• Designing and implementing an Insider Threat program leveraging technologies such Security Information Event Management - SIEM, User Behavioral Analytics - UBA, Data Loss Prevention - DLP and an understanding of the investigations and intelligence cycle
• Oversight of Vulnerability Management Program for IT, OT and Cloud assets across the enterprise
• Leadership position responsible for the independent execution and continuous improvement of the Insider Threat and Vulnerability Management programs
• Testing and maintaining security tooling, particularly for endpoint detection and investigation
• Collaborating cross-functionally with Security, IT, Human Resources, Privacy, and Legal on defining policy and investigative outcomes
• Creating and maintaining all documentation around insider threat and vulnerability management processes, procedures and necessary evidence for compliance
• Developing operational processes and alignment with cross functional teams
• Creating and documenting business process, and communicating needs inside and outside of the team
• Act on improving processes and procedures
• Maturing, or building new, TVM SLA & KPI tracking tools to ensure team and company compliance
• Utilizing threat intel and analysis tools and vendors to identify, automate, manage and prioritize continually changing threats
• Manage a team responsible for Monitoring, tracking, investigating, and reporting in compliance with security requirements, and works with the responsible parties to drive timely results and remediation
• Generates and monitors effective and actionable Information Security reporting across all Information Security technical landscape
• Research and track current security threats
• Participates in the global distribution of the enterprise Cyber-Security Operations Security Awareness training and campaigns
• Practices applicable procedures and standards that meet existing and newly developed policy and regulatory requirements (i.e., PCI-DSS, SOX, GDPR, CCPA)
• Keeps abreast of the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to the organization
• Participate in on-call efforts on a rotational basis

Required Qualifications

• Strong oral and written communication skills appropriate for consultation with all levels of management
• Experience with building Insider Threat programs and associated best practices
• Vulnerability Management program leadership experience
• Experience building and training teams
• Strong problem-solving and analytical skills
• Experience in collaboration amongst multiple lines of business and geographic theaters. Multi-national enterprise experience
• The ability to thrive in a fast-paced, dynamic environment
• The ability to influence and drive change within teams and the organization
• A self-starter with a hands-on style, high level of energy, stamina, and drive
• A strong team player who is proactive and driven to achieve results
• Organizational and time management skills
• Previous senior leadership experience working as part of an enterprise Information Security team

Preferred Qualifications

• Information Security-based certification preferred (i.e., CompTIA, Network+/Security+, CEH, GIAC GSE, SANS Academy certs, or similar)

The estimated base salary range for the Associate Director, Threat and Vulnerability Management - Information Security Operations - Remote role based in the United States of America is: $167,200 - $250,800. Should the level or location of the role change during the hiring process, the applicable base pay range may be updated accordingly. Compensation decisions are dependent on several factors including, but not limited to, an individual’s qualifications, location where the role is to be performed, internal equity, and alignment with market data. Additionally, all employees are eligible for one of our variable cash programs (bonus or commission) and eligible roles may receive equity as part of the compensation package. We offer a wide range of benefits as innovative as our work, including access to genomics sequencing, family planning, health/dental/vision, retirement benefits, and paid time off.

At Illumina, we strive to foster a diverse and inclusive workplace by cultivating an environment in which everyone contributes to our mission. Built on a strong foundation, Illumina has always been rooted in openness, collaboration, and seeking alternative views and perspectives to propel innovation in genomics. We are proud to confirm a zero-net gap in pay, regardless of gender, ethnicity, or race. We also have several Employee Resource Groups (ERG) that deliver career development experiences, increase cultural awareness, and demonstrate our collective commitment to diversity and inclusion in the communities we live and work. We are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information. If you require accommodation to complete the application or interview process, please contact accommodations@illumina.com. To learn more, visit: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf. The position will be posted until a final candidate is selected or the requisition has a sufficient number of qualified applicants.