Type of Requisition:Pipeline
Clearance Level Must Currently Possess:Top Secret
Clearance Level Must Be Able to Obtain:Top Secret
Public Trust/Other Required:None
Job Family:Cyber and IT Risk Management
Job Qualifications:Skills:Continuous Monitoring, Security Information and Event Management (SIEM), Security Operations
Certifications:None
Experience:10 + years of related experience
US Citizenship Required:Yes
Job Description:GDIT is seeking a Security Operations Center Manager to help support the Defense Manpower Data Center (DMDC) Cybersecurity, Privacy, Records, Information Management, and Environments Support (Cyber Primes) programAs a Security Operations Center (SOC) Manager, you will be part of a team who is responsible for securing the operations for DMDC and DHRA's networks via the SOC.
The
SOC is the central hub of cybersecurity event monitoring, focused on incident detection, triage, and analysis with the objective of providing continuous monitoring and event analysis to quickly identify security concerns/incidents in a timely manner.
The SOC team is responsible for monitoring, triage, and analysis of all security alerts, along with escalation to Incident Response within the DHRA area of responsibility. Cyber events are triggered 24-hours a day, 7-days a week, 365-days a year (24x7x365).
MEANINGFUL WORK AND PERSONAL IMPACT:As a SOC Manager, you will contribute to a fast-paced team and be responsible for the SOC. We are seeking a highly experienced and knowledgeable SOC Manager to support our Department of War (DOW) contracts. The ideal candidate will possess extensive expertise in cybersecurity, threat detection, incident response, and compliance within federal government environments.
WHAT YOU'LL NEED TO SUCCEED - REQUIRED:Bring your expertise along with a drive for innovation to GDIT.
- Citizenship: US Citizenship required for contract
- Certification(s): One of the following certification from the following: CCNA, CySA+, CFR, GCFA, GCIA, or GICSP
- Education: Bachelor's degree or experience in lieu of education in Cybersecurity, Information Technology, Computer Science, or a related field.
- Years' Experience: 10+ years of experience in cybersecurity
- Technical skills:
- May serve as a team or task lead
- May coach and provide guidance to less experienced professionals
- Investigates, analyzes, and responds to cyber incidents within a network environment or enclave
- Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purpose of mitigating threats
- Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events
Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software - Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards
- Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security
- Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks
- The ability to Develop and maintain Tactics, Techniques and Procedures (TTPs) for the SOC
- The ability to Maintain and provide process improvements on SOC processes and procedures
- The ability to Manage Cyber Incidents which includes triage, communication, documenting and responding to the incident in accordance with DoW regulations and policies.
- The ability to communicate and provide summaries which can include presentations to all levels of leadership
- The ability to manage tasks in accordance with DoW government contracts
- Location: Seaside, CA
- Security Clearance level: Active DOW Top Secret Clearance
DESIRED QUALIFICATIONS:- Certification(s): Security+, CISSP
OWN YOUR OPPORTUNITYExplore a career in cyber at GDIT and you'll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.
The likely salary range for this position is $169,604 - $229,464. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Scheduled Weekly Hours:40
Travel Required:Less than 10%
Telecommuting Options:Onsite
Work Location:USA CA Seaside
Additional Work Locations:Total Rewards at GDIT:Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
