Spry Methods, Inc. is hiring a
Cybersecurity Team Lead

Summary

Join Spry Methods as a Cybersecurity Team Lead to manage a team of analysts for the Department of Transportation (DoT) Federal Railroad Administration (FRA). This is a remote position with limited travel. You will oversee daily activities, conduct security assessments, and develop security policies.

Requirements

• Certified Information System Security Professional (CISSP)
• Certified in Governance, Risk and Compliance (CGRC) certification
• Certified Information Privacy Professional (CIPP)
• Certified Cloud Security Professional (CCSK) and other Cloud Certification as appropriate
• 5-8 years direct experience managing medium sized teams
• Public Trust
• Experience drafting FISMA related artifacts to include: system security plans, incident response plans, configuration management plan, FIPS 199, digital identity risk assessments, security impact analysis, contingency plan, security assessment plans and reports, Plan of Action and Milestones (POA&M), and training materials
• Experience in applying NIST Special Publications to information systems
• Experience with performing information system continuous monitoring of security controls to ensure that they continue to be implemented correctly, operating as intended and producing the desired outcome with respect for meeting the security requirements
• Knowledge of cybersecurity tools such as: Tenable, Qualys, Governance Risk Compliance (GRC) tools (e.g. CSAM)
• Experience conducting security assessments and/or audits

Responsibilities

• Oversee the daily activities of the cybersecurity analysts
• Assign tasks, set priorities, and ensure efficient workflow
• Conduct regular team meetings to discuss progress, challenges, and updates
• Plan and execute security assessments
• Review assessment reports and provide guidance on remediation
• Collaborate with other teams (e.g., development, operations) to address findings
• Monitor security controls and compliance with policies and standards
• Review security logs and alerts
• Investigate incidents and coordinate response efforts
• Ensure timely reporting to management and stakeholders
• Identify and assess risks related to systems, applications, and processes
• Develop risk mitigation strategies and action plans
• Work with stakeholders to implement risk controls
• Develop and update security policies, standards, and procedures
• Ensure alignment with industry best practices and regulatory requirements
• Provide guidance and mentorship to analysts
• Arrange training sessions to enhance team skills
• Collaborate with vendors for tool evaluations
• Engage with business units and other teams to address security needs
• Track key performance indicators (KPIs) for the team
• Prepare regular reports for management and executive leadership

Preferred Qualifications

• PMP certification
• 8+ years experience supporting federal organizations Cybersecurity programs