Cyber Network Defense (CND) Tools Team Manager

JRSS is a multi-year, global effort to improve the DoD’s security posture and provide enhanced security capabilities and analytics by centralizing and virtualizing network security into regional stacks rather than locally distributed appliances. This position is responsible for providing leadership, team coordination, requirements analysis, systems engineering and design, implementation support, and ongoing performance enhancement work for CND tools in a complex cyber environment. Candidate does not need to be an expert in all tools but should have significant experience with DCO architecture and tool capabilities and design.

The candidate will work as part of a multi-disciplinary team that supports active and passive Computer Network Defense (CND) tools as implemented in the JRSS. Must be able to build a strong team through open communications, effectively collaboration,  and integration with external technical teams and customers consisting of varied levels of DISA personnel, vendor technical support personnel, and technical representatives from DoD services, ultimately working as part of an integrated, cross-platform team that provides design, engineering, and implementation support for complex CND capabilities in support of DoD-wide military base/post/camp/station migrations. Must be able to initiate and set team goals based on the DISA PMO’s strategic objectives, and must be able to follow through with timely appropriate deliverables. Diversity and inclusion in all interactions are at the forefront of Leidos’s and the customer’s priorities.

Must be able to drive efficiencies in operations and systems, create effective processes, and streamline the delivery of customer requirements where possible. 

Primary Responsibilities:
The candidate will provide technical leadership in the full lifecycle implementation of JRSS CND capabilities - requirements analysis, systems design, engineering, technical documentation development, deployment, and training. Candidate should have extensive CND architectural design and engineering experience as well as significant hands-on experience with one or more JRSS CND Tools.

The successful candidate will be able to do the following:
•    Drive team operations to ensures on-time delivery of excellent products and services to the customer
•    Build and maintain effective relationships with team members, peers, Leidos leadership, and DISA PMO
•    Assess system requirements and provide detailed analysis for use by the DISA JRSS PMO and stakeholders during planning and implementation of a large complex, world-wide cyber defense system
•    Propose and develop Defense Cyber Ops architecture and design to meet customer requirements for capability and functionality in meeting varied cyber mission objectives
•    Support JRSS migrations by gathering requirements, conducting gap analysis (based on customer vs JRSS tool suite), designing an integration architecture, and writing Engineering Implementation Plans 
•    Provide engineering support for ongoing JRSS DCO architectural optimization 
•    Prepare engineering alternatives in support of PMO requirements to be delivered as Courses of Action (COAs) decision briefings and ultimately implemented within the JRSS environment
•    Lead global architecture or re-architecture efforts to design, deploy and integrate new tools in JRSS stacks
•    Configure all CND tools to meet requirements for syslog, file and database event collection and reporting for hand off to Operations and Maintenance (O&M) teams
•    Create custom scripts to support health and performance monitoring to be utilized by O&M staff 
•    Create and edit content to optimize CND tools for security incident and event management
•    Provide SME-level support on issues related to the cyber threat landscape, potential attack vectors, and cyber security risks for IT systems to the DISA PMO, the Leidos PMO, and relevant other GMSO task orders
•    Identify solutions within the system environment in order to enhance/improve system performance
•    Provide JRSS Tier 3 CND SME guidance and expertise to Tier 1/2 O&M stakeholders as issues are escalated
•    Provide troubleshooting expertise to resolve tool issues, either within the tool or as part of an integrated team of professionals addressing larger, more complex issues
•    Provide “on the job training” to less experienced JRSS, DISA or DoD Services’ team members
•    Provide subject matter expertise during CND Training courses and Q&A sessions

Basic Qualifications:

•    Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education, with 12-15 years’ experience.
•    U.S. citizenship and an active DoD Secret clearance is required. In addition, must be able to successfully obtain up to Top Secret based on requirements from the customer and program.
•    DoD 8570 IAT2 certification is required

•    Significant experience and knowledge of the cyber threat landscape and attack vectors
•    Significant experience with one or more of the CND tools in the JRSS cyber suite:

• Fidelis DLP and MDE

• Tipping Point

• SourceFire

• ArcSight

• Gigamon

• Opswat

• Inquest

• Bivio/Argus/Bro

• ELK components

•    Experience in full lifecycle execution of complex engineering and implementation projects 
•    Significant knowledge of TCP/IP communications
•    General knowledge of router and firewall functionality on a network 
•    Knowledge of Unix and scripting languages 
•    Familiarity with the MS Office tool suite
•    Excellent written and oral communications skills with ability to appropriately present highly technical material to a broad set of audiences

Preferred Qualifications:
•    Experience leading complex engineering and implementation projects with cross-functional teams
•    Prior experience as a network intrusion analyst or Security Operations Center analyst.
•    Experience configuring and maintaining tools in a multi-tenant environment

GSMO