Cyber Incident Response Team Tier 2
The Operations Manager will lead Tier 2 cybersecurity operations personnel across 3 standard shifts covering 24 hours per day, 365 days per year. Manage and support a team that provides monitoring, incident response, and technical support. Schedules, coordinates, guides, monitors, tracks and reports on Tier 2 activities and performance. Conducts advance analysis and recommends remediation steps for computer security events and incidents. Ensures established Tier 2 processes and procedures are followed, including during surge support and in interaction with customers. Recommends improvements to increase operational efficiency. Liaises and coordinates with operational managers and other entities within the Department and with outside agencies.
A Bachelor's Degree in Computer Science, Information Systems, Engineering, Telecommunications, or other related technical discipline. Four (4) additional years of general experience (as defined below) may be substituted for the degree.
Certification Required: CISSP
Certifications Desired: ITIL
General Experience: Eight years of experience in network center management and operation with increasing responsibilities. Demonstrated oral and written communications skills. Previous security operations center (e.g., SOC) experience would be preferred.
- Knowledge and direct experience implementing ITIL based service delivery principles and best practices.
- Possesses a strong working knowledge of operational cybersecurity processes, procedures and best practices as practiced within the computer network defense (CND) industry.
- Demonstrated ability to manage projects and tasks within an agile and dynamic operational environment
- Previous experience managing cross functional and interdisciplinary project teams to achieve tactical and strategic objectives.
- Five (5) years of current experience in 24x7x365 network security monitoring operations of similar size and scope.
- Three (3) years of experience in LANs, WANs, VPNs, network protocols, firewalls, routers, and performing malware analysis. Demonstrated experience in network security systems and products.
- Five (5) years of current experience in managing network security monitoring and computer incident handling and response capability and tools, to include IDS, IPS, DLP, etc.
- Five (5) years of working knowledge of network protocols, enterprise architecture, and network security systems and products.
- Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools.
- Experience developing and documenting technical user guides, standard operating procedures, and response playbooks.
- Experience developing and conducting detailed, technical, and hands on training.
- Demonstrated analytical and communications skills.
- Experience with scripting and development tools including, but not limited to: PowerShell, VBScript Perl, Ruby, or Python
- Five (5) years of technical task management and supervisory experience.
Security Clearance: TS
As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.