Cyber Lead, Risk and Vulnerability

About us: 

Gen3 Technology Consulting is an SBA Certified Woman-Owned Small Business (WOSB) providing a diverse set of technology services and solutions to federal and commercial clients. Founded in 2017, Gen3 leverages over 25 years of information technology management and leadership experience to help our clients define, plan, manage, and achieve their strategic vision while protecting their critical IT assets. We attract and retain the highest caliber of talent by supporting an inclusive work environment, cultivating growth and leadership both professionally and personally, and encouraging work-life balance. We strive to make it our priority to be compassionate, family-friendly, respectful, and flexible.   

Gen3’s Joint Ventures, Pivotal Impact (JV with Caladwich) and VetCentric (JV with PingWind) expand our team’s knowledge and expertise as we pool resources to bring federal agencies strong technical, program management, and cyber security solutions, derived from a disciplined management consulting approach.  

About the role:

Gen3 is looking for a Cyber Lead, Risk and Vulnerability to support the IRS ISSM Vulnerability Compliance and Remediation Program, which is based on four pillars: Vulnerability Remediation, Compliance, Asset Management, and Continuous Monitoring.  The Solutions Architect will serve as the technical lead to assist the IRS in developing new capabilities and implementing automated processes and tools.

Location: Remote, Lanham, MD. (Need to be east coast).  

What you'll do:

• Risk Assessment: Conduct comprehensive risk assessments to identify potential threats and vulnerabilities in the organization's IT infrastructure. This includes evaluating the potential impact of these risks on the organization's operations, data, and assets.
• Threat Intelligence: Stay informed about the latest cybersecurity threats and trends. Monitor threat intelligence sources to understand emerging risks and vulnerabilities that may affect the organization. Use this information to adapt and enhance security measures.
• Compliance and Regulations: Ensure that the organization complies with relevant cybersecurity regulations, standards, and best practices. This may include industry-specific frameworks like NIST, and IRS regulations.
• Security Policies and Procedures: Develop and enforce cybersecurity policies and procedures to protect against risks and vulnerabilities. This includes creating incident response plans, security awareness training, and access control policies.
• Incident Response: Lead the incident response team in the event of a cybersecurity incident or breach. Develop and implement strategies for identifying, mitigating, and recovering from security incidents effectively.
• Team Leadership: Manage a team of cybersecurity professionals, including vulnerability analysts, risk assessors, and security engineers. Provide guidance, mentorship, and training to team members.
• Reporting and Client Communication: Regularly report on the organization's cybersecurity posture to senior management and stakeholders. Clearly communicate risk assessments, vulnerabilities, and recommended mitigation strategies.
• Security Tools and Technology: Evaluate and implement cybersecurity tools and technologies that can help automate vulnerability scanning, threat detection, and risk assessment processes.
• Continuous Improvement: Continuously assess and improve the organization's cybersecurity posture. Stay up to date with evolving cybersecurity threats and technologies to adapt security measures accordingly.

Overall, a Cyber Lead, Risk & Vulnerability plays a crucial role in safeguarding an organization's digital assets by proactively identifying and addressing security risks and vulnerabilities while ensuring compliance with industry regulations and best practices. This role requires strong leadership, technical expertise, and the ability to adapt to evolving cybersecurity threats.

What you'll need:

• Bachelor’s degree or equivalent with 8 years of experience.
• Prior experience supporting the Internal Revenue Service or other state or federal government agencies.
• Active Public Trust or above, or ability to attain it (clearable).
• Experience with cybersecurity vulnerability and risk assessment programs.
• Experience with privacy engineering, analysis, and assessment; working on and/or managing contracts with privacy compliance responsibilities. 
• Federal Information Security Management Act (FISMA) familiarity. 
• Transition-In experience, including the creation and implementation of a Knowledge Transfer Plan (KTP).  
• Knowledge of the Internal Revenue Manual (IRM) of the IRS compliance with Office of Budget Management (OBM) requirements. 
• Expertise in most of all the following areas: Vulnerability Management, Data Analysis, Security Engineering, Security Architectures and Models, Access Control Systems, Incident Reporting, Security Auditing and Methodology, Applications and Systems Development, IT Networking and End User Support, Computer Security Material Weaknesses, Risk Management Function, Business Continuity Planning, Familiarity with NIST Special Publications and Standards.
   

What's In It for You (full-time Gen3 employees):

• Competitive compensation.
• Comprehensive health, vision, and dental benefits.
• Generous PTO and 11 days of paid Federal Holidays.
• $3k annual tuition reimbursement.
• 401(k) with a matching plan.
• Pet insurance.
• Life and AD&D insurance.
• Short-term and Long-term disability insurance.

Employment Eligibility: Eligible to work for any employer in the United States without requiring sponsorship. Most of our positions require a government security clearance, you must be a US Citizen or Green Card holder for consideration. Certain positions require at least three (3) of the past five (5) years of residence in the United States.

Other Requirements:

• A minimum of three (3) out of the past five (5) years of residency in the United States is mandatory.
• Candidates must possess either an active green card or citizenship.
• Prospective employees offered a position must have work authorization that does not necessitate employer-sponsored visa sponsorship, both presently and in the future.
• Those selected for this role may undergo a government security investigation and must meet the eligibility criteria for accessing classified information or be eligible for security clearances.
• Location: Gen3 is currently focusing its hiring efforts in these states: Alabama, Arizona, Colorado, DC, Florida, Georgia, Kentucky, Maryland, Missouri, North Carolina, New York, Ohio, Oklahoma, Oregon, Texas, Virginia, and Wisconsin.

Veteran and HubZone-friendly employer.

E-Verify Employer. EOE Statement: Gen3 is an equal opportunity employer. We adhere to all federal regulations and ensure that our hiring practices are based solely on merit. We do not discriminate against any applicant based on race, color, sex, sexual orientation, gender identity, religion, national origin, disability, or veteran status. All qualified applicants will receive consideration for employment.

Accommodation: Please contact the recruiting team at recruiting@gen3technology.com if you would like to request a reasonable accommodation during the application or interviewing process.