Senior Governance and Information Security Manager with Security Clearance

---

Job description

Summit Technologies, Inc. is seeking a Senior Governance and Information Security Manager to lead a Vulnerability Management Governance Program. You will be responsible for Security Compliance, Policy Governance, Information Security Risk Assessment, Information Protection and Data loss prevention. This program will focus on remediating vulnerabilities to protect assets and provide visibility regarding technical risks and potential exposure. The ideal candidate will have relevant experience working with or in the Department of Defense (DoD) and ensuring Controlled Unclassified Information (CUI). This position requires working 3-4 days per week on site in Reston, VA. Candidates must have a minimum of an active DoD Secret security clearance. Duties and Responsibilities:
Support IT Security management by conducting technical reviews, analysis, and reporting.
Provide technical solutions in vulnerability management, issue analysis, and response development and execution.
Identify and help prevent risky or inappropriate sharing, transfer, or use of sensitive data on-premises and across apps and devices.
Play a key role in effort toward a centralized CUI-safeguarding solution.
Work closely with various IT systems and teams to ensure compliance with security policies and procedures.
Identify and classify important data across the environment. Manage where the data lives, classify it, and determine how it's being used or shared.
Manage and apply protective actions like encryption, access restrictions, and visual markings.
Data discovery, protection, loss prevention, and insider risk.
Develop Built in protection.
Provide Incident Response support, including mitigating actions to contain activity and facilitating analysis when necessary.
Configure and fine-tune scanning policies to ensure comprehensive coverage of applications. (Tools like the "Forrester Wave" a data security platform)
Create and run reports to monitor the status of vulnerabilities and security issues.
Work with available scripts and tools to automate security tasks and enhance the efficiency of vulnerability management processes.
Create detailed work instructions and documentation for vulnerability management processes, facilitating knowledge sharing and team-wide understanding.
Update and maintain documentation related to security policies, procedures, and standards, keeping them aligned with best practices and regulatory requirements.
Stay up to date on information technology trends and security standards.
Will be responsible for Data breach and control strategy.
Identify and help prevent risky or inappropriate sharing, transfer, or use of sensitive data on-premises and across apps and devices. Required Skills and Experience:
5+ years of hands-on experience engineering or administrating cloud solutions in support of data discovery, labeling, storing and recovery of data.
Understanding and working knowledge of data protection fundamentals and risk-based approach to information security.
Working knowledge and familiarity with DoD cybersecurity policy, requirements, and CUI handling.
Familiar with the "FOUO" (For official use only) designation and how it is applied to unclassified information to identify material which may not be appropriate for public release.
Strong knowledge of data protection techniques and best practices.
Experience with security solutions for data loss prevention, encryption, proxy, cloud data security, structured data security, and insider risk.
Knowledge of the Project "JEDI" (The Joint Enterprise Defense Infrastructure); Highly desired if you have experience working on this project.
Continuous learner well informed on technology trends, methodologies, and models.
Strong analytical abilities, verbal/written communication, and interpersonal skills.
History working with technical solutions for security policies and ensuring compliance with those policies and procedures. Education:
A bachelor's degree in Cybersecurity or possess a minimum of 6 years of experience working in a technical environment with diverse IT systems. Desired Certifications:
Desired - CISSP, CISM, PMP
Security Requirements: Must have a DoD Secret or Top Secret security clearance. If you feel you are qualified and want to be considered for this position, please supply the following to: , and please put the job number '6743' in the subject line: Updated resume including MM/YYYY for each employer.
Best times/dates to interview (plus phone # you can best be contacted at).
Availability to start once given formal offers. Summit Technologies Inc. appreciates your interest. We will contact the best matching prospects and will consider you for future opportunities. We will not submit your resume without your prior knowledge and consent. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.

<!– job description page –>