Michael Baker International is a leading provider of engineering, development, intelligence and technology solutions with global reach and mobility. The firm offers a comprehensive range of innovative services and solutions in support of federal, state, and municipal governments, foreign allied governments, and a wide range of private development and commercial clients. Michael Baker International’s focus is on the safety and security of people across the world through planning and engineering improvements to infrastructure and the environment, and through protection of our quality of life and freedom in support of national and international security. With more than $1 billion in annual revenue, Michael Baker International has more than 5,000 employees in over 80 offices located across the U.S. and internationally, and is ranked as the 26th largest design firm in the U.S. by Engineering News Record (ENR). Michael Baker International’s Mission is to make a difference by providing innovative solutions to sustain the future and further the safety, security and quality of life for people across the globe by providing the highest level of expertise, unmatched quality and effective project teams for a diverse range of projects and clients. Michael Baker International offers excellent benefit packages that includes: Medical, Dental, Vision, Disability Insurance, Life Insurance, Flexible Spending Accounts, Additional Paid Time Off, Flex-Time, 401-K Retirement Plan, Tuition Reimbursement and Employee Credit Union. To learn more, please visit us on the web at www.mbakerintl.com . Michael Baker International is an EEO/Affirmative Action Employer - M/F/Disability/Veteran/e-Verify Employer

JOB SUMMARY

We are looking for a highly capable and motivated Senior Manager Cybersecurity Analyst, who will be an integral part of the Office of Chief Information Security Officer (OCISO) and plays a critical role in safeguarding Michael Baker International (MBI) resources.  The individual will design and build from scratch effective services that create the ability to collect, analyze, detect and respond to a variety of cybersecurity anomalies and incidents at (MBI). Possess and apply critical thinking to developing capabilities safeguarding MBI intellectual property and customer digital resources.  Collaborate with ITS and business group members to investigate events, anomalies and incidents through to resolution.  Ensure proper process and procedures are developed, executed, documented, ultimately providing clear after-action outcomes directing remediations designed to ensure improvements align with regulatory cybersecurity and compliance goals. 
 

In this role, you will be responsible to establish the foundation and operational processes and procedures to implement cybersecurity analysis, detection, and incident response services supporting the protection of MBI.  Drive enterprise technical defense-in-depth layers, collaborating with cybersecurity architects and engineers ensuring services and capabilities are built into solutions prompting visibility, data collection, analysis, threat modeling and incident response. The role spans all aspects of cybersecurity adding inputs and changes across a variety of platforms including network, endpoint, software development, cloud, and mobility to drive improvements. Collaborate with the ITS Team to help elevate cybersecurity understanding and provide guidance in driving increased visibility, data collection, analysis and response capabilities across all platforms. Continuously examine methods to improve detect/defend including AI enabled ecosystems focused on safeguarding data across multiple platforms, instances, endpoints, and views.  Think outside the traditional box on how we might better protect MBI digital resources against threats and manages security risk to internal stakeholders and our clients.

"Preferred" locations are Pittsburgh, PA and Alexandria, VA, but open to other locations in U.S. Only serious and qualified candidates will be considered.

ESSENTIAL DUTIES & RESPONSIBILITIES:

• Establish and lead aspects of incident detection, response, and recovery services driving cybersecurity analysis, detection, indicator of compromise (IOC) development,
• Define the correct model providing the services to MBI leveraging outsource/insource solutions.
• Possess deep knowledge of incident response process and procedures applying CKC, CERT or hybrid detection/response models

• Support the CISO building innovative solutions to move the needle in positive direction
• Work closely with the other organizations across ITS and the business driving cybersecurity requirements across all solutions.
• 60% of the role focuses on the hands-on engineering aspect of working directly with tools, and 40% of the role will be managing the team.
• Serves as a technical subject matter (SME) on cyber security nation-state and cyber-criminal actors, campaigns, and threat modeling.
• Build out small but highly functional team, establishing capabilities and automating function
• Support the development of cybersecurity technical roadmaps and documentation to drive constant cyber transformation and improvements in MBI detect/defend capabilities.
• Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.
• Performing diagnosis of system related problems and ensure the appropriate level of technical support is engaged to address the problem.
• Innovate solutions that consider outside of the box thinking and solutioning
• Monitoring the enterprise, mobile and cloud-based resources for unauthorized access, data loss, and compromises in progress
• Engage with the security tools vendor to ensure ongoing and adequate level of technical maintenance and support for all component parts.
• Build your reputation as a cybersecurity leader, and provide mentorship across the team, ITS, and business members.
• Review security architecture designs ensuring visibility, policy enforcement, and detection points are incorporated into capabilities progress.
• Provide insights and support CISO leadership defining (MBI) overall security roadmap and support business planning, requirements and investment case definition to direct the implementation of security measures.
• Review security technologies, tools and services and make recommendations for their use based on security, financial and operational criteria including opportunities to develop customized solutions.

• Methodically build and manage a small but high performing & energetic multi-disciplinary team.

• Propose and lead efforts consistent with CISO vision and cybersecurity roadmap.

• Take opportunities to maximize program impact and mentor junior members

• Provide individual technical contributions to the work program

• Ensure quality products are delivered

• Support staff growth, development, and satisfaction

PROFESSIONAL REQUIREMENTS

• Bachelor’s Degree in Computer Science, Information Systems, or other related field (or equivalent work experience).

• Master’s Degree preferred

• 10 years or greater of combined hands-on IT and cybersecurity analyst, detection/response development, implementation and operational execution work experience with a broad exposure to multi-platform environments.

• 5 years of experience in cybersecurity SOC/CIRT environments or security service delivery.

• 5 years of leadership experience managing a team of technical resources.

• Knowledge or experience implementing solutions for defense industrial base (DIB) companies.

• Previous and/or current relationships with DSIE or NDISAC member companies and peer engineers.

• Strong understanding of Nation-State Actor Tactics, Techniques & Procedures (TTP).

• Strong knowledge of architecture-level information security and appropriate enforcement technology solutions.

• Strong understanding of intrusion prevention/detection solutions.

• Experience with advanced malware detection/prevention and EDR solutions.

• Experience with security information event management (SIEM) & visualization solution, big data user and entity behavior analytics, and active adversary deception.

• Strong working understanding of contemporary security theory and application (including vulnerabilities, exploitation techniques and attack vectors).

• Strong familiarity with Federal compliance standards such as NIST 800-53, 800-171, FIPS & FedRAMP.

• Knowledge of laws, regulations, and standards relevant to the US Government and Defense Industrial Base (DIB) industry.

• Design and built active/passive data collection, analysis, detection and response solutions ensuring visibility, policy enforcement, scalability, and maximizing detect/defend capabilities.

• Open mind regarding technical solutions with no allegiance towards particular vendor rather a knowledge of required capabilities and functional operations.

LICENSES/REGISTRATIONS

Any one of or more of these or other industry recognized certifications:

• GIAC Cyber Defense

• Cisco Certified Network Professional Security (CCNP Security) 

• Palo Alto Networks Certified Network Security Engineer (PCNSE)

• Certified Information Systems Security Professional - Information Systems Security Engineering Professional (CISSP-ISSEP)