Qualifications
Candidate must possess the following knowledge, skills and abilities:
- At least 2 years of experience of management of enterprise DLP tools.
-Able to demonstrate the skill level needed to lead and build out a DLP program.
-Ability to work with stakeholders to determine information types, patterns, and boundaries, then translating those into enforcement and/or actionable alerts for the Incident Response team.
-Demonstrate the technical skills to deploy and maintain on-prem DLP components, to include server OS administrative skills, agent deployment, or troubleshooting various issues as the result of a DLP deployment.
- Ability to optimize systems to meet enterprise performance requirements
- Ability to work with engineers/vendors to improve capabilities, resolve issues, and increase performance of security operation devices and configurations.
- Knowledge of operating system (Windows, Linux/Unix) command-line tools.
- Knowledge of endpoint security events and how they relate to possible attacks/intrusions.
- Ability to balance business needs with security policies.
- Organizational skills with the ability to multitask, take direction, prioritize, and manage multiple activities/tasks to achieve objectives.
- Ability to work in a fast-paced, technically challenging area; ability to anticipate and manage changes or problems; assess impacts and make sound recommendations.
- Proficiency in tailoring and/or recommending detection rules based on newly discovered IOCs and threats against government networks.
- CISSP, GCIA, GCIH, CASP, and other security certifications desired, but not required.