TL, Pncpl Secur Ops Analyst

08-May-2025

US Remote

10310BR

Company Summary

As the recognized global standard for project-based businesses, Deltek delivers software and information solutions to help organizations achieve their purpose. Our market leadership stems from the work of our diverse employees who are united by a passion for learning, growing and making a difference. At Deltek, we take immense pride in creating a balanced, values-driven environment, where every employee feels included and empowered to do their best work. Our employees put our core values into action daily, creating a one-of-a-kind culture that has been recognized globally. Thanks to our incredible team, Deltek has been named one of America's Best Midsize Employers by Forbes, a Best Place to Work by Glassdoor, a Top Workplace by The Washington Post and a Best Place to Work in Asia by World HRD Congress. www.deltek.com

Business Summary

Deltek's Global Information Security team has a passion for simplifying the delivery of information security in a complex industry. As part of our dynamic team, you will help deliver creative security services to continuously improve the first-rate protection of Deltek's Information Assets. Join us as we create innovative solutions to further security as a differentiator for Deltek.

Position Responsibilities

Built on 40 years of industry expertise, Deltek is a leading provider of ERP solutions for Government contractors of all sizes. Whether these firms call them a contract within the government contracting space, an engagement within professional services firms, or refer to them as a project within the AEC space, these organizations share the same ultimate goal-to win and deliver successful projects. Deltek offers complete and integrated software solutions that connect and automate every stage of the project lifecycle, enhancing project intelligence, management, and collaboration. With Deltek's industry-focused expertise and end-to-end visibility into project and financial performance, we empower businesses to make data-driven decisions, mitigate risks, and deliver projects on time and within budget.

As the Team Lead for Threat & Vulnerability Management, you will lead a team of analysts responsible for identifying, tracking, and verifying the remediation of vulnerabilities across internal and external applications and systems. Possessing both business and technical acumen, you will understand applications, operating systems, networking, cloud infrastructure, and emerging threats. You will work closely with direct and indirect reports, reconciling competing priorities across IT infrastructure, application development, and security operations. You will collaborate with technology leadership and business units to secure the company, regularly reporting to the CISO and IT and risk leadership on the state of vulnerabilities, including criticality, exploit probability, business impact, and remediation.

Key Responsibilities:

• Lead the team responsible for penetration testing and vulnerability management of applications, endpoints, databases, networking, operating systems, mobile, third parties, and cloud services.
• Liaise with IT and security leadership to manage internal- and external-facing systems to identify, track, and remediate system and application vulnerabilities.
• Support continuous discovery, vulnerability assessment, and remediation status of enterprise-wide assets.
• Execute a strategy to identify vulnerabilities in the enterprise and prioritize a repeatable process to remediate them.
• Coordinate vulnerability remediation based on criticality, exploit probability, rating, and business risk exposure.
• Cultivate relationships with colleagues in operations, threat intelligence, software development, and risk management roles.
• Collaborate with IT and cybersecurity leadership to develop practices to reduce the attack surface and countermeasures to impede internal threats and external attackers.
• Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats and verify the organization's security posture against them.
• Collaborate with cross-functional teams to ensure consistency and thoroughness in threat modeling efforts in consideration of penetration testing and vulnerability management efforts.
• Work with employees to keep up with emerging threats and practices to improve security posture.
• Define key performance indicators, objectives and key results, and metrics to illustrate efficacy with vulnerability management.
• Embrace automation with asset inventory and vulnerability discovery and reporting.
• Mentor team members personally and professionally to support and develop their careers.
• Validate that teams' reporting adheres to vulnerability policies, procedures, and efficacy.
• Communicate the state of vulnerability management to stakeholders, developers, IT, and business leaders.

Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field strongly preferred.
• Minimum of 5 years of experience in information security, with at least 2 years in a leadership role and/or managing people
• Strong knowledge of threat and vulnerability management tools and techniques.
• Experience with vulnerability assessment and penetration testing tools (e.g., Nessus, Qualys, Metasploit).
• Excellent understanding of security frameworks and standards (e.g., NIST, ISO 27001, CIS).
• Effectively communicates (written and oral) and develop trusting relationships with internal and external teammates and stakeholders.
• Ability to time- andself-management and multiple competing priorities simultaneously and with minimal direction.
• Strong critical thinking, analytical, and problem-solving skills.
• Ability to work in a team environment collaboratively, support and mentor team members, and work in cross-functional environments
• Enthusiasm to learn through a combination of structured, on-the-job, and self-directed training.
• Relevant certifications such as CISSP or CISM are highly desirable.
• Preferably some experience with vulnerability management across AWS, Microsoft Azure, or Google Cloud.
• Ability to influence technical teams and business units and collaborate to reduce attack surface.
• Knowledge of cybersecurity frameworks such as NIST, FIRST, CISA (KEVs), SEC requirements, and ISO.
• Understanding of CVSS, EPSS, KEV, MITRE ATT&CK, OWASP, and the SDLC.
• Applicable knowledge as needed about FedRAMP, SOC 1 & 2, GDPR, PCI, CCPA, HIPAA, etc.
• Strong written and oral communication skills.

Compensation Information

The U.S. salary range for this position is $81500.00 - $163000.00. This range is subject to change as Deltek takes a number of factors into consideration when determining individual base pay, such as location, job-related knowledge, skills and experience. Certain roles are eligible for additional rewards, including incentive compensation and equity.

Benefits and perks listed here may vary depending on the nature of employment with Deltek. Employees have access to healthcare benefits, a 401(k) plan and company match, paid vacation time and holidays, well-living programs, short-term and long-term disability coverage, basic life insurance and tuition reimbursement.

Travel Requirements

10%

Compliance Requirements

Certain roles may have additional privacy, security and compliance requirements to the extent they support Costpoint GCCM or similar product offerings.

EEO Statement

Deltek, Inc. is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.

E-Verify Statement

Deltek, Inc., utilizes the E-Verify program with every potential new hire. This makes it possible for us to make certain that every employee who works for Deltek is eligible to work in the United States. To learn more about E-Verify you can call 1-800-255-7688 or visit their website by clicking the logo below. E-Verify is a registered trademark of the United States Department of Homeland Security.

Applicant Privacy Notice

Deltek is committed to the protection and promotion of your privacy. In connection with your application for employment with us at Deltek, it is necessary for us to collect, store and use information about you ("Personal Data") to administer and evaluate your application. We are the "controller" of the Personal Data you provide us and will process any such Personal Data in accordance with applicable law and the statements contained in this Employment Candidate Privacy Notice. Additionally, we have not sold and do not sell Personal Data you provide to us through the job application process.