Additional info: 

• Apply preventive measures, system monitoring, and data analysis.
• Apply sound technical and management principles to identify and remediate cybersecurity vulnerabilities across the State Department global IT enterprise infrastructure.
• Perform Cybersecurity remediation through outreach to system owners and system administrators.
• Apply organizational and process change principals.
• Monitor the release of new Common Vulnerabilities and Exposures (CVEs) and inform stakeholders.
• Evaluate system performance results, response to incidents/problems, perform risk assessments, and evaluate performance metrics.
• Develop, identify, and resolve security vulnerabilities related to deployment and testing processes.
• Assist with streamlining and optimizing processes and procedures to rapidly remediate vulnerabilities from cybersecurity threats.
• Collaborate with Department and external cyber stakeholders on cybersecurity technology implementations to meet specific operational needs.
• Perform technical evaluations of recommended vulnerability mitigation actions and make recommendations based on impact and/or other countermeasures.
• Implement strategies for CIC cyber defense technologies, ensuring integration and alignment for continued operation.
• Develop policies and procedures.
• Perform operation and maintenance activities in support of existing CIC cyber tools and technologies (MSV, Qualys, Tenable Nessus and others).
• Identify, diagnose, and prioritize anomalies in cyber defense infrastructure and resources.
• Document, request and maintain ports, protocols, and services for CIC infrastructure.
• Perform cybersecurity testing of developed applications and/or systems. Identify and direct the remediation of technical problems encountered during testing and implementation of new systems.
• Assist with developing reports and dashboards and make tuning request to SIEM system owner(s) in support of enhancing cyber monitoring.
• Make recommendations based on trend analysis to enhance monitoring and hygiene activities.
• Properly document all systems security implementation, operations, and maintenance activities and update as necessary.

• Bachelor's degree in a computer science/computer engineering related discipline or equivalent years of experience and expertise.
• 5+ years Microsoft Operating Systems (OS) engineering and support experience focusing on Active Directory (AD), System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM)
• 2+ years extensive experience in penetration testing.
• Familiarity of various analytical tools (Splunk, USBDeview, Netwitness, MimiKatz)
• Understanding of Security Information and Event Management (SIEM) tools (Splunk, McAfee)
• Familiarity with OMB, NIST, Client, and related security guidelines and directives
• Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications.
• Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Server/endpoint OS (Microsoft, Linux, IOS) along with mobile and cloud technologies.
• Cloud application security, Vulnerability Management and Security Information, and Event Management capabilities.
• Knowledge of identity and access management solutions (MFA, PKI, SAML, etc.)
• Countermeasures / mitigations to identified cybersecurity risks.
• Information protection technologies (e.g., firewalls, antivirus, threat protection, servers, routers, and others as appropriate).
• Network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.

• GIAC Penetration Tester (GPEN) certification
• Microsoft Certifications (MCSE, MCSA, MCSD)
• CISSP or CISM
• IAT/IAM/IASAE level III equivalent.