Cybersecurity Operations Manager

ASRC Federal NetCentric Technology seeks an on-site Cybersecurity Operations Manager in Seaside, California or Alexandria, Virginia to support one of our Department of Defense (DoD) Cybersecurity Support Services contracts. This position will perform activities related to leading and coordinating cybersecurity operations primarily responsible for monitoring, detecting, containing, responding to, and eradicating threats and other malicious activity. This position will help build and streamline DOD Information Network (DoDIN) Operations, Security Operation Center (SOC) and incident response team activities while synchronizing cyber threat hunting actions within the environment. This position will require support to respond to and investigate cyber events when an incident occur after regular business hours at both Alexandria, Virginia and Seaside, California.

Key Responsibilities:

• Strategic Planning and Oversight: Develop and implement strategic plans for cybersecurity operations, ensuring alignment with organizational goals and compliance with DoDIN requirements. Oversee the overall operations of the cybersecurity center encompassing operations, incident response and threat hunting, including resource allocation and performance monitoring.
  • Act as the primary point of contact for DoDIN, SOC, Hunt operations and all major security incidents which includes tracking taskings, incidents, corrective measures taken, recommendations, and remediation activities; completing incident reports for investigations as needed; providing or contributing to weekly report of events and incidents.
• Team Leadership and Management:Provide guidance, mentorship, and support to team members, fostering a collaborative and efficient work environment.
• Incident Management and Response:Direct and coordinate incident response activities, ensuring timely detection, analysis, and mitigation of security incidents. Develop and implement incident response plans, procedures (SOPs), and process flows and oversee their execution during security events to include but not limited to tabletop exercises.
• Threat Hunting and Proactive Security:Oversee cyber threat hunting activities to proactively identify and mitigate potential threats within the organization's network. Ensure that threat hunters use advanced techniques and tools to detect hidden threats that automated systems might miss.
• SIEM Maintenance and Monitoring:Provide oversight to the maintenance and monitoring of the SIEM (Splunk) system, ensuring its effective operation and integration with other security tools. Regularly review and analyze SIEM data to identify trends, anomalies, and potential security issues while communicating with administrators and engineers on the necessary tuning and optimization of data to make informed decisions.
• Communication:Serve as the primary point of contact for DoDIN, SOC operations, Incident Response and Hunt activities, communicating with stakeholders such as senior management (technical and non-technical), cross-functional teams and external partners. Provide regular reports to program leadership, DoD officials, and other stakeholders on the status of security incidents, lessons learned, and the effectiveness of response strategies.
• Compliance:Provide expert guidance on compliance with cybersecurity directives, ensuring the DoD program meets all required security controls and risk management policies.
• Continuous Process Improvement:Regularly review and update processes and procedures (SOP) based on new threats and lessons learned from past incidents in accordance with CJCSM 6510.01B, NIST SP 800-61R2, DoD regulations, and industry best practices.

Preferred Skills:

• Hands-on knowledge and experience with cybersecurity tools such as Splunk, Tanium, Beyond Trust, ACAS, ESS or Microsoft Defender.

Required Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent additional experience).
• Active DoD Secret Clearance with the ability to obtain and maintain a Top-Secret Clearance.
• Active DoD 8570 IAT Level II certification or greater, including at least one of the following certifications in good standing: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.
• Active DoD 8570 CSSP Incident Responder certification a plus, including at least one of the following certifications in good standing: CEH, CFR, CCNA Cyber Ops, CHFI, CySA+, GCFA, GCIH, SCYBER, or PenTest+.

• Experience leading teams within a DoD Cybersecurity Operations Center environment.
• Experience with DoDIN Operations directives, task order process and procedures.

• Knowledge of Incident Response Handling Procedures (NIST SP 800-61)
• Familiarity with cyber adversary tactics and frameworks (such as ATT&CK and D3FEND).
• 10+years of related information technology and cybersecurity experience with 3+ years CIRT experience and one year of CIRT lead experience.
• On-site in Seaside, California or Alexandria, Virginia.

We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. This position is offering a pay range of $130,000.00 - $185,000.00 depending on experience, seniority, geographic locations, and other factors permitted by law. Benefits offered may include healthcare, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.

Why ASRC?

As a wholly owned subsidiary of Arctic Slope Regional Corporation, an Alaska Native Corporation, we are inspired by the Iñupiat culture. We embrace stewardship and the idea of using every resource effectively; teamwork when striving to achieve goals and building a collaborative environment; integrity in adhering to high moral principles and professional standards; respect in welcoming and regarding the differing opinions, experiences, rights and traditions of others as we build a diverse and inclusive workplace; accountability in that we meet our commitments and take responsibility for our results; and continuous improvement, always striving to make things better, raising the bar and staying humble.

Purpose-Driven Careers: Join a company recognized as a:

• Certified Great Place to Work
• Military Times' Best for Vets Employer
• Military.com's Top 25 Veteran Employer

Comprehensive Benefits:

• Insurance Coverage ( medical, dental, vision, life insurance, and short-term/long-term disability).
• Paid Leave (Military, Holidays and Family)
• Retirement Savings (401K)
• Corporate Incentives (Employee Referral Bonuses, After 90 days of regular full-time employment employees are eligible for Degree-Tuition Reimbursement, Professional Conference Registration Fee Reimbursement and Professional Certification Reimbursement)

Centers of Excellence : We established the Centers of Excellence to build, leverage and grow our technology capabilities, best practices and offer professional development for our technical teams. They contain many Communities of Practice which are forums that offers a platform to share ideas, best practices, innovations, and to collaborate with technical peers.

Embark on a career with ASRC Federal, where your growth, purpose, and well-being are at the forefront of what we do!