• Guide enterprise-scale logging initiatives and ensure compliance • Collaborate with IT and security stakeholders to meet logging and monitoring requirements • Implement and maintain the enterprise logging compliance platform • Enable the ability to monitor, detect, and respond to security events • Generate content, user guides, and reports for operational and compliance needs • Lead coordination of installations, updates, and maintenance of ELM and SIEM systems • Develop and maintain documentation for SIEM and ELM systems • Ensure log onboarding, reporting, and compliance requirements are met • Apply knowledge of threat detection and compliance auditing procedures • Utilize security controls automation and guidance documentation

• Deliver cybersecurity risk management services, including technology risk, security, and privacy services. • Conduct IT assurance and compliance activities, including gap analysis, IT audits, and compliance engagements (COBIT, ISO27001, ITIL). • Assist clients in implementing necessary controls and procedures to meet compliance requirements. • Identify and mitigate vulnerabilities in systems, networks, software, and information systems. • Conduct research on cybersecurity standards, security systems, and validation procedures. • Support clients in developing and maintaining IT incident management processes. • Create cybersecurity scenarios and emergency response plans. • Perform vulnerability testing, threat analyses, and security checks. • Deliver and present technical reports, test results, and findings to client management teams. • Develop, implement, and maintain security policies to minimize vulnerabilities. • Provide guidance and supervision to in-house IT teams. • Consult on security considerations during software, hardware, or application acquisitions.

• Design, implement, and sustain cybersecurity protections across a complex defense enterprise environment • Secure SAP and mission systems through robust risk management, A&A activities, vulnerability mitigation, and continuous monitoring • Identify and resolve highly complex issues to prevent cyber-attacks on information systems • Design, install, and manage security mechanisms that protect networks and information systems against hackers, breaches, viruses, and spyware • Respond to incidents, investigate violations, and recommend enhancements to plug potential security gaps • Actively engage in risk management and mitigation, proactively identify risks, and develop plan of actions to address the risks • Responsible for typical sets of controls such as firewalls, security of business systems, data leakage protection systems, patching, encryption, vulnerability scanning, pen testing • Conduct risk analysis for Risk Acceptance Requests (RAR) and provide cybersecurity support for the program and customer meetings • Monitor all operations and infrastructure for potential cybersecurity vulnerabilities

• Conduct application security assessments (web, mobile, API, etc.) using off-the-shelf or internally developed exploitation tools to execute manual testing for advanced attacks • Conduct network penetration testing assessments (external pen test, internal pen test, etc.) • Produce and deliver vulnerability and exploit information to clients in the form of a professional security assessment report • Conduct client conference calls to include, but not limited to project kick-off calls, notification of high/critical findings during the testing process, and close out calls to review test findings, evidence, process steps to reproduce, and remediation recommendations • Perform proactive research to identify and understand new threats, vulnerabilities, and exploits • Conduct exploitation testing using off-the-shelf or self-developed exploitation tools and document findings for client remediation • Excel as both a self-directed individual contributor and as a member of a larger team • Perform other essential duties as assigned