The Deputy Mission Operation Environment Cyber Incident Response Team (MOE-CIRT) Manager ensures exceptional service for managed services customers and helps drive employee engagement for SOC and Incident Response staff members.
Responsibilities also include:
- Report to MOE-CIRT Team Lead in the management of up to 30 watch-standers
- Have technical knowledge and the ability to provide senior analytics
- Project Management Facilitate a high-performance team environment and employee engagement
- Provide performance feedback and corrective action to direct staff Lead activities of MOE-CIRT staff to diagnose and resolve client problems
- Field escalated customer issues and resolve or refer to specialized experts as needed
- Provide input on process improvements and contribute to the technology road map for the strategic plan.
- Perform metrics trend analysis and reporting; guide resultant process improvement.
- Contribute to the development, communication and implementation of policies, procedures, best practices, recommendations, and guidelines for standards.
- Conduct one on ones with staff to address training needs, set expectations, and facilitate a 2-way dialogue regarding the employee experience
- This position requires an active Top Secret security clearance with SCI eligibility.
- Must be able to obtain DHS suitability prior to starting employment.
- Candidate must be able to travel quarterly to Pensacola for training, coordination, etc.
- Efficient delegation and task prioritization
- Ability to interview and select employees in accordance with company guidelines and EEOC commitments
- Ability to coordinate and facilitate staff training on a technical level
- Ability to provide feedback, coach employee performance, and effectively implement disciplinary action as needed Ability to manage and resolve conflicts as they arise
- Hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:
- Experience in computer intrusion analysis and incident response
- Experience with Intrusion detection
- Computer network surveillance/monitoring
- Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
- Experience in computer evidence seizure, computer forensic analysis, and data recovery
- Computer network forensics
- System log analysis
- Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
- Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks Demonstrated ability to document processes
- The ability to respond to crises objectively Proficiency with MS Office Applications
- Must be able to work collaboratively across agencies and physical locations
- Experience supporting DHS, Federal Civil, Intelligence and/or DoD Customers
- Computer Forensics experience
- Malware reverse engineering experience
- Experience with Risk and Opportunity management
- Scripting experience (python, perl etc...)
- Experience with process development and deployment
- Prior experience with data visualization products such as Analyst Notebook is desired.
- Prior experience with Splunk
- Prior experience working in AWS and Azure
- Prior experience working in one of the following highly desired:
- Security Operations Center (SOC/NOSC)
- Computer Emergency Response Team (CERT/CIRT)
- DOD/FED Cyber Intel organization
- DCIO/MCIO, with Cyber Counterintelligence focus
- Additional technical CND response certification (CEH, GCIH, GCIA and GNFA)
- DoDI 8570.01-M IAT Level I Compliance Certification (Network+ CE, A+, CE, CCNA+, Security+, SSCP)