The Deputy Mission Operation Environment Cyber Incident Response Team (MOE-CIRT) Manager ensures exceptional service for managed services customers and helps drive employee engagement for SOC and Incident Response staff members.

Responsibilities also include:

• Report to MOE-CIRT Team Lead in the management of up to 30 watch-standers
• Have technical knowledge and the ability to provide senior analytics
• Project Management Facilitate a high-performance team environment and employee engagement
• Provide performance feedback and corrective action to direct staff Lead activities of MOE-CIRT staff to diagnose and resolve client problems
• Field escalated customer issues and resolve or refer to specialized experts as needed
• Provide input on process improvements and contribute to the technology road map for the strategic plan.
• Perform metrics trend analysis and reporting; guide resultant process improvement.
• Contribute to the development, communication and implementation of policies, procedures, best practices, recommendations, and guidelines for standards.
• Conduct one on ones with staff to address training needs, set expectations, and facilitate a 2-way dialogue regarding the employee experience

Required Skills:

• This position requires an active Top Secret security clearance with SCI eligibility.
• Must be able to obtain DHS suitability prior to starting employment.
• Candidate must be able to travel quarterly to Pensacola for training, coordination, etc.
• Efficient delegation and task prioritization
• Ability to interview and select employees in accordance with company guidelines and EEOC commitments
• Ability to coordinate and facilitate staff training on a technical level
• Ability to provide feedback, coach employee performance, and effectively implement disciplinary action as needed Ability to manage and resolve conflicts as they arise
• Hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:
  • Experience in computer intrusion analysis and incident response
  • Experience with Intrusion detection
  • Computer network surveillance/monitoring
  • Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
  • Experience in computer evidence seizure, computer forensic analysis, and data recovery
  • Computer network forensics
  • System log analysis
  • Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
  • Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
  • Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks Demonstrated ability to document processes
• The ability to respond to crises objectively Proficiency with MS Office Applications
• Must be able to work collaboratively across agencies and physical locations

Desired Skills:

• Experience supporting DHS, Federal Civil, Intelligence and/or DoD Customers
• Computer Forensics experience
• Malware reverse engineering experience
• Experience with Risk and Opportunity management
• Scripting experience (python, perl etc...)
• Experience with process development and deployment
• Prior experience with data visualization products such as Analyst Notebook is desired.
• Prior experience with Splunk
• Prior experience working in AWS and Azure
• Prior experience working in one of the following highly desired:
  • Security Operations Center (SOC/NOSC)
  • Computer Emergency Response Team (CERT/CIRT)
  • DOD/FED Cyber Intel organization
  • DCIO/MCIO, with Cyber Counterintelligence focus

Desired Certifications:

• Additional technical CND response certification (CEH, GCIH, GCIA and GNFA)
• DoDI 8570.01-M IAT Level I Compliance Certification (Network+ CE, A+, CE, CCNA+, Security+, SSCP)