Introduction
The Maryland Department of Information Technology’s (DoIT) mission is to
provide vital technology solutions that allow the Executive Branch, State
Agencies, and Coordinating Offices to provide Marylanders with services that
enable them to live and work more safely, efficiently, and productively.
The Office of Security
Management (OSM) within the Department of Information Technology provides a
statewide strategy for secure, effective, and technically sound use of the
State's information technology resources. The team is responsible for
establishing security policies, security guidance, security awareness, and is a
source of IT security information for State agencies.
GRADE
25
LOCATION OF POSITION
Dept. of Information Technology (DoIT)
100 Community Place
Crownsville, MD 21032
Main Purpose of Job
A DoIT Cyber Defense Incident Responder Manager is a managerial position in the Office of Security Management (OSM). This position is tasked with daily management of the Security Operations Center, which includes providing direct oversight of multiple groups within the unit.
Additional responsibilities include handling escalated security incidents and supporting the investigation and remediation of these events, proactive threat hunting, capability development, and continuous operational improvement.
This is a Management Service position, and serves at the pleasure of the Appointing Authority.
POSITION DUTIES
Supervises subordinate staff involved with the
management of the Security Operations center.
Assigns and reviews work for completeness,
accuracy, the application of and compliance with State and federal policy,
procedures, laws, rules, and regulations.
Plans and controls workload to ensure
accuracy and compliance.
Analyzes work to determine causes of errors, and
recommends and implements corrective actions, and policy and procedural changes
when necessary.
Trains and mentors’
staff in work/time management and technical areas.
Provides,
manages, and maintains a 24/7/365
shift schedule for the entire team.
Maintains positive staff morale by improving functioning and cohesiveness of
staff.
Handles escalated security incidents and supports investigation and remediation of these events, proactive threat hunting, capability
development, and continuous operational improvement.
MINIMUM QUALIFICATIONS
Education:
Bachelor's degree in computer information technology, management
information systems, or other information technology-related field from an
accredited college or university.
Experience:
Three years of experience in managing a
Service Operations Center (SOC) or other technology operations
environment. Experience needs to include
security incident handling, malware analysis, and performing digital forensics.
Notes: Candidates may substitute general experience in an IT position with
primary responsibility that includes network management, server management, or
security operations on a year for year basis for the required education.
DESIRED OR PREFERRED QUALIFICATIONS
Our Preferred Candidate Will Have the Following:
-Project Management experience.
One or More of the Following Certifications:
-International Information System Security Certification Consortium, Inc. (ISC)2
-Certified Information Systems Security Professional (CISSP)
-Information Systems Security Management Professional (ISSMP)
-Global Information Assurance Certification (GIAC)
-Certified Forensics Examiner (GCFE GIAC)
-Security Leadership Certification (GSLC GIAC)
-Strategic Planning, Policy, and Leadership (GSTRT GIAC)
-Law of Data Security & Investigations (GLEG GIAC)
-Information Systems Audit and Control Association (ISACA)
-Certified Information Security Manager (CISM)
-Certified Information Systems Auditor (CISA)
Additionally, the Following Certifications are Desirable:
-EC-Council
-Certified Chief Information Security Officer (CCISO)
-Certified Ethical Hacker (CEH)
-Certified Ethical Hacker Master (CEH Master)
-Certified Authorization Professional (CAP)
-Certified Secure Software Lifecycle Professional (CSSLP)
-Certified Cloud Security Professional (CCSP)
-Systems Security Certified Practitioner (SSCP)
-Cloud Security Alliance (CSA)
-Certificate of Cloud Security Knowledge (CCSK)
-Offensive Security
-Offensive Security Certified Professional (OSCP)
-Offensive Security Wireless Professional (OSWP)
-Offensive Security Experienced Penetration Tester (OSEP)
-Offensive Security Web Expert (OSWE)
-Offensive Security Exploit Developer (OSED)
-Offensive Security Exploitation Expert (OSEE)
-Project Management Institute (PMI)
-Project Management Professional (PMP)
SELECTION PROCESS
Please make sure that you provide sufficient information on your application to show that you meet the qualifications for this recruitment. All information concerning your qualifications must be submitted by the closing date. We will not consider information submitted after this date. Successful candidates will be ranked as Best Qualified, Better Qualified, or Qualified and placed on the eligible (employment) list for at least one year.
EXAMINATION PROCESS
The assessment may consist of a rating of your education, training, and experience related to the requirements of the position. It is important that you provide complete and accurate information on your application. Please report all experience and education that is related to this position.
BENEFITS
FURTHER INSTRUCTIONS
Online applications are highly recommended. However, if you are unable to apply online, the paper application and supplemental questionnaire may be submitted to: Department of Budget and Management, Recruitment and Examination Division, 301 W. Preston St., Baltimore, MD 21201. Paper application materials must be received in our office by the closing date for the recruitment. No postmarks will be accepted.
For questions regarding this recruitment, please contact the DBM Recruitment and Examination Division at Application.Help@maryland.gov or 410-767-4850, MD TTY Relay Service 1-800-735-2258.
We thank our Veterans for their service to our country.
People with disabilities and bilingual candidates are encouraged to apply.
As an equal opportunity employer, Maryland is committed to recruitment, retaining and promoting employees who are reflective of the State's diversity.
For education obtained outside the U.S., a copy of the equivalent American education as determined by a foreign credential evaluation service must be provided prior to hire.