General Dynamics Information Technology Cyber Risk Manager (SOC Manager) - Secret clearance required in Devens, Massachusetts
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: Secret
Public Trust/Other Required: None
Job Family: Information Security
Join an exciting and dynamic team delivering a large-scale Enterprise Common Tools cloud platform, automation & orchestration, and Cloud Application Migration effort for the Army. This team works in a dynamic and fast-paced environment, with engineering, migration, and operations & sustainment of cloud migration efforts. Enterprise Common Tools and specific Army program customer migration efforts provide a range of day-to-day challenges, while the bigger picture architecture and migration efforts provide tangible milestones that the team pursues together following AGILE practices, to deliver the overall program effort. We’re looking for self-starter Leads and technical engineers, to work both as part of the team and on individual assignments, in an environment of customer mission delivery, integrity and communications. We’re looking to fill this role/team with those who currently have the cloud experience, certifications, and skills to execute in large enterprise environments, are flexible and enjoy tackling challenges, and desire to join a large team that is building and sustaining a large multi-tenant cloud platform/enterprise and migrating/expanding/automating the enterprise. If this sounds like you and you love to learn and grow with a team while delivering program milestones, then we’d love to hear from you!
The Cyber Risk Manager has responsibility for running the Security Operations Center (SOC) and leads a team of professionals responsible for the execution, development, and operation of cyber engineering and monitoring services. The individual will provide oversight for activities required to deliver secure solutions that support our customers such as:
Increase maturity of key Security Operations Center capabilities across governance, people, processes and technology to help achieve integrated cyber defense, proactively monitor, detect, investigate, and respond to known and unknown attacks
Provide effective approaches to Security Operations Center development and operations, and collaborate with our client stakeholders on implementation roadmaps and execution
Work with our clients to identify, architect, and deploy security analytics and alerting solutions
Clearly articulating the role of Cyber Threat Intelligence in the cyber defense strategy, and integrate intelligence across defense disciplines such as risk, security architecture, monitoring / detection, vulnerability management, and application security.
Lead the development of actionable use cases to detect, triage, investigate and remediate based on latest threat actor trends, including actual technical implementation of parsing log sources creating, validating and testing alerting queries to reduce false positives.
Infuse leading practices to increase centralized visibility to identify suspicious activity and reduce the mean time to detect and respond to cyber threats.
Drive development and manage the implementation of Cyber Security capabilities targeted on key client’s risk and business needs, and enhanced by leading practices across people, processes and technology including current state assessments
Design and manage the implementation of Cyber Security operating models, identifying, evaluating, and providing solutions to evaluate complex business via a threat-based approaches
Lead process walkthrough discussions to recommend improvements on end-to-end business processes and functional requirements based on latest SOC trends
Design and manage the technical implementation of threat-based use cases in Security Information Event Management (SIEM) and threat analytic systems
Coordinate across multiple stakeholder groups and manage end-to-end concurrent projects
Execute services and supervise staff in delivering engagement services
Select and tailor approaches, methodologies, and tools to support service offering or industry projects
Strive to exceed client expectations; build and nurture positive working relationships with clients
Manage day-to-day interactions with clients and internal team
Display leadership and business judgment in anticipating client/project needs and developing alternative solutions
Track and communicate engagement performance and planning to engagement management, ensuring project milestones remain on track and are completed timely and escalate risks as appropriate.
Responsible for project(s) financials including development of financial plans
Identify opportunities to improve engagement profitability
Participate and lead aspects of the proposal development process
Actively participate in the development of business and vendor relationships
Actively mentor and train team members on Cyber Security processes, governance, and frameworks
Provide counseling/coaching, oversight, and support for delivery teams and staff
Participate actively in staff recruitment and retention activities providing input and guidance into the staffing process
Adopt a pragmatic approach to dealing with situations where confidentiality is important or where our work is of a sensitive nature. Helping maintain our client’s strong professional relationships.
Over five years of experience in cyber security and IT service delivery management
Experience in IT service delivery via KPIs, strategic planning, budgeting, and allocation
8570.01M IAM Level III certification is required
Industry specific certifications such as CISSP, CISM, CISA and/or CRISC
In depth knowledge of general security concepts, such as defense-in-depth, least privilege, security architecture and design, threat modeling, etc.
Excellent communication, listening & facilitation skills
Demonstrated consulting skills (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc.)
Experience with SIEM technology (e.g. Splunk, AWS security services, etc.) or interpreting, searching, and manipulating data within enterprise logging solutions or IT Service Management (ITSM) tools, workflow, and automation
Experience extending enterprise security controls to the cloud
At least one Cloud certification: AWS Certified Cloud Practitioner equivalent or higher
Proven leadership skills demonstrating strong judgment, problem-solving, and decision-making abilities
Experience managing senior-level client relationships
Experience mentoring and coaching others
Previous public sector consulting experience
Master’s degree in Cybersecurity, Information Assurance or related field
At least one associate level cloud certification
AWS Security Specialty certification
- Require BA/BS degree in management information systems, computer science, risk management, information security, engineering, or related discipline
- Active Secret Clearance
- Telework, with preferred location in National Capital Region (NCR) for meetings
COVID-19 Vaccination Requirement: To protect the health and safety of its employees and to comply with customer requirements, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
General Dynamics Information Technology
- General Dynamics Information Technology Jobs