Cybersecurity Tools Lead

Overview

Employee will assist in supervising and managing the TxDOT Cybersecurity Operations Tools Team; will work under the management of the TXDOT Cybersecurity Officer; will be responsible for administration, maintenance, and resilience of Cybersecurity tools; real-time data, metrics, and correlated incident input to the CSOC Manager for use in daily monitoring and incident response; and support of daily operations and incident response activities.

Employee will provide tooling input for end of month and annual reporting requirements as dictated by TxDOT. As appropriate, Employee will provide recommendations for improvements in daily operations, resilience, and Cybersecurity operational maturity. Employee will be responsible for planning and management of tooling deployment and operating/managing the security tool sets. Employee will be responsible for assisting in managing ongoing agency cybersecurity programs (e.g. Tabletop exercises).

• Custom Managed Scanning Services
• Custom Managed Endpoint Protection
• Managed CISCO Secure Network Analytics Service
• Security Information and Event Management (SIEM) administration

• 8 years Technical Team Management experience
• 8 years Deployment and configuration of Network Security monitoring and incident response tools (EDR, Scanners, SIEM, Netflow, etc)
• 8 years Administration of Network Security monitoring and incident response tools (EDR, Scanners, SIEM, Netflow, etc)
• 8 years Participation and experience in intrusion detection and incident response activities
• 8 years Effective, professional business communication and reporting

• 8 years Experience with the CISCO security suite of tools
• 8 years Experience with Microsoft EDR tools
• 8 years Experience with Microsoft Sentinel

#DICE

#LI-IC