Cyber Risk Manager (SOC Manager) - Secret clearance required - #604538
Date: 11/26/2021 00:30 AM
City: Farmingdale, New Jersey
Contract type: Full Time
Work schedule: Full Day
Responsibilities for this Position
Location: USA VA Home Office (VAHOME)
Full Part/Time: Full time
Job Req: RQ102732
Type of Requisition:
Clearance Level Must Currently Possess:
Clearance Level Must Be Able to Obtain:
Public Trust/Other Required:
Join an exciting and dynamic team delivering a large-scale Enterprise Common Tools cloud platform, automation & orchestration, and Cloud Application Migration effort for the Army. This team works in a dynamic and fast-paced environment, with engineering, migration, and operations & sustainment of cloud migration efforts. Enterprise Common Tools and specific Army program customer migration efforts provide a range of day-to-day challenges, while the bigger picture architecture and migration efforts provide tangible milestones that the team pursues together following AGILE practices, to deliver the overall program effort. We're looking for self-starter Leads and technical engineers, to work both as part of the team and on individual assignments, in an environment of customer mission delivery, integrity and communications. We're looking to fill this role/team with those who currently have the cloud experience, certifications, and skills to execute in large enterprise environments, are flexible and enjoy tackling challenges, and desire to join a large team that is building and sustaining a large multi-tenant cloud platform/enterprise and migrating/expanding/automating the enterprise. If this sounds like you and you love to learn and grow with a team while delivering program milestones, then we'd love to hear from you!
The Cyber Risk Manager has responsibility for running the Security Operations Center (SOC) and leads a team of professionals responsible for the execution, development, and operation of cyber engineering and monitoring services. The individual will provide oversight for activities required to deliver secure solutions that support our customers such as:
Increase maturity of key Security Operations Center capabilities across governance, people, processes and technology to help achieve integrated cyber defense, proactively monitor, detect, investigate, and respond to known and unknown attacks
Provide effective approaches to Security Operations Center development and operations, and collaborate with our client stakeholders on implementation roadmaps and execution
Work with our clients to identify, architect, and deploy security analytics and alerting solutions
Clearly articulate the role of Cyber Threat Intelligence in the cyber defense strategy, and integrate intelligence across defense disciplines such as risk, security architecture, monitoring / detection, vulnerability management, and application security.
Lead the development of actionable use cases to detect, triage, investigate and remediate based on latest threat actor trends, including actual technical implementation of parsing log sources, and creating, validating and testing alerting queries to reduce false positives.
Infuse leading practices to increase centralized visibility to identify suspicious activity and reduce the mean time to detect and respond to cyber threats.
Drive development and manage the implementation of Cyber Security capabilities targeted at key clients' risk and business needs, and enhanced by leading practices across people, processes and technology including current state assessments
Design and manage the implementation of Cyber Security operating models, identifying, evaluating, and providing solutions to evaluate complex business via threat-based approaches
Lead process walkthrough discussions to recommend improvements on end-to-end business processes and functional requirements based on latest SOC trends
Design and manage the technical implementation of threat-based use cases in Security Information Event Management (SIEM) and threat analytic systems
Coordinate across multiple stakeholder groups and manage end-to-end concurrent projects
Execute services and supervise staff in delivering engagement services
Select and tailor approaches, methodologies, and tools to support service offering or industry projects
Strive to exceed client expectations; build and nurture positive working relationships with clients
Manage day-to-day interactions with clients and internal team
Display leadership and business judgment in anticipating client/project needs and developing alternative solutions
Track and communicate engagement performance and planning to engagement management, ensuring project milestones remain on track and are completed on time, and escalate risks as appropriate.
Responsible for project(s) financials including development of financial plans
Identify opportunities to improve engagement profitability
Participate and lead aspects of the proposal development process
Actively participate in the development of business and vendor relationships
Actively mentor and train team members on Cyber Security processes, governance, and frameworks
Provide counseling/coaching, oversight, and support for delivery teams and staff
Participate actively in staff recruitment and retention activities providing input and guidance into the staffing process
Adopt a pragmatic approach to dealing with situations where confidentiality is important or where our work is of a sensitive nature, helping maintain our client's strong professional relationships.
Over five years of experience in cyber security and IT service delivery management
Experience in IT service delivery via KPIs, strategic planning, budgeting, and allocation
8570.01M IAM Level III certification is required
Industry specific certifications such as CISSP, CISM, CISA and/or CRISC
In depth knowledge of general security concepts, such as defense-in-depth, least privilege, security architecture and design, threat modeling, etc.
Excellent communication, listening & facilitation skills
Demonstrated consulting skills (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc.)
Experience with SIEM technology (e.g. Splunk, AWS security services, etc.) or interpreting, searching, and manipulating data within enterprise logging solutions or IT Service Management (ITSM) tools, workflow, and automation
Experience extending enterprise security controls to the cloud
At least one Cloud certification: AWS Certified Cloud Practitioner equivalent or higher
Proven leadership skills demonstrating strong judgment, problem-solving, and decision-making abilities
Experience managing senior-level client relationships
Experience mentoring and coaching others
Previous public sector consulting experience
Master's degree in Cybersecurity, Information Assurance or related field
At least one associate level cloud certification
AWS Security Specialty certification
Require BA/BS degree in management information systems, computer science, risk management, information security, engineering, or related discipline
Active Secret Clearance
Telework, with preferred location in National Capital Region (NCR) for meetings
The likely salary range for this position is $112,000 - $168,000; this is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements, and could fall outside of this range.
Scheduled Weekly Hours:
Any Location / Remote
Additional Work Locations:
Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
This position requires being fully vaccinated against COVID-19 by January 18, 2022 or the start date, if after January 18. Individuals who work in or reside in Texas or Montana or work outside of the United States may be excluded from this requirement.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.