Operation Manager- Cyber Incident Response Team
The Operations Manager will lead cybersecurity operations personnel across 3 standard shifts covering 24 hours per day, 365 days per year. Manage and support a team that provides monitoring, incident response, and technical support. Interfaces and coordinates with government leads with key focus on effective, efficient, and compliant CIRT operations, meeting customer expectations. Directs and oversees contractor staff and activities in support of CIRT operations. Ensures CIRT staff are qualified, trained, and capable of their assigned duties. Ensures timely detection, reporting, escalation, resolution and documentation (to include proper maintenance of CIRT records and databases) of all security events and incidents. Works and liaises with DoS organizations, computer incident response organizations, such as the GFIRST, U.S. CERT, and other government agencies to resolve incidents and coordinate on situational awareness. Develops and maintains a CIRT knowledge base. Identifies and promotes process improvements
A Bachelor's Degree in Computer Science, Information Systems, Engineering, Business, Telecommunications, or other related technical discipline. Four (4) additional years of general experience (as defined below) may be substituted for the degree.
Certification Required: CISSP or PMP
Certifications Desired: ITIL
General Experience: 10 years of experience in network technology, management or operation with increasing responsibilities. Demonstrated oral and written communications skills. Previous security operations center (e.g., SOC) experience would be preferred.
- Knowledge and direct experience implementing ITIL based service delivery principles and best practices.
- Possesses a strong working knowledge of operational cybersecurity processes, procedures and best practices as practiced within the computer network defense (CND) industry.
- Demonstrated ability to manage projects and tasks within an agile and dynamic operational environment
- Previous experience managing cross functional and interdisciplinary project teams to achieve tactical and strategic objectives
- Five (5) years of current experience in managing network security monitoring and computer incident handling and response capability and tools, to include IDS, IPS, DLP, etc.
- Three (3) years in managing 24x7x365 network security monitoring operations of similar size and scope.
- Five (5) years of working knowledge of network protocols, enterprise architecture, and network security systems and products.
- Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools.
- Experience developing and documenting technical user guides, standard operating procedures, and response playbooks.
- Experience developing and conducting detailed, technical, and hands on training.
- Demonstrated analytical and communications skills.
- Experience with scripting and development tools including, but not limited to: PowerShell, VBScript Perl, Ruby, or Python
- Five (5) years of technical task management and supervisory experience.
Security Clearance: TS
As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.