Leidos has an immediate need for a Security Operations Manager for an existing customer on a highly-visible and strategic Cybersecurity Task Order that provides security operations center (SOC) support, cyber analysis, application development, and a 24x7x365 support staff.
The Department of Homeland Security (DHS), Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a shared DHS incident tracking system and other means of coordination and communication.
The Security Operations Manager will plan, direct and manage day to day activities of contractor security operations staff and support customer strategic planning to build and mature SOC Capabilities. The Operations Manager will also be responsible for the following:
- Drive implementation and improvement of new tools, capabilities, frameworks, and methodologies across all teams within the customer’s security operations environment
- Manage and conduct hands-on technical analysis as a supplement to Incident Response and Forensics Teams during high-visibility or high-workload investigations
- Guide and mentor junior staff
- Suggest and implement controls for key information security gaps within the customer security infrastructure
- Conduct and maintain detailed gap analysis of customer capabilities
- Ensure timeliness and quality of reporting produced by the security operations staff to stakeholders
- Instill and reinforce industry best practices in the domains of incident response, cybersecurity analysis, case and knowledge management, and SOC operations
- Promote and drive implementation of automation and process efficiencies
- Act as subject matter expert in several security technologies (depth) with ability to lead across enterprise security domains (breadth)
- Communicate adeptly at all levels from executive-suite to front-line analysts
- Expertly collaborate across multiple disciplines and levels of the organization
- Multitask with expert organizational skills in a fast-paced environment
- Demonstrate an open mind, creative thinking, willingness to take calculated risks, and a strong ability to make informed decisions
- Create job descriptions for new positions and manage annual performance plans for the SecOps team
- Provide guidance and leadership to the SecOps team for technology solutions related to the services that the team operates
- Develop and enforce event response and escalation documentation and processes for Security Operations Center to follow
- Respond to customer inquiries around security-related questions resulting from security incidents
- Develop and support incident response plans, processes, and procedures, and advise on steps to achieve incident response readiness (logging and monitoring configurations, triage and escalation procedures, wider stakeholder liaison, etc.)
- Track emerging security practices and innovations and work with the customer to execute where appropriate.
- Will work regular 8:00 – 5:00 pm hours, on-call and after-hours support in response to incidents as dictated by mission requirements
- Continually mature SOC operations and capabilities, developing intra-team relationships, and building trust and rapport with external stakeholders
- Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field PLUS twelve (12) years of experience in incident detection and response, malware analysis, and or cyber forensics.
- 6+ years of supervising and/or managing teams
- 8+ years of intrusion detection and/or incident handling experience
- Ability to analyze new attacks and provide guidance to watch floor analysts on detection and response
- Knowledgeable of the various Intel Frameworks (e.g. Cyber Kill Chain, Diamond Model, MITRE ATT&CK, etc) and able to utilize it in their analysis workflow
- Experience with Cloud (e.g. o365, Azure, AWS, etc) security monitoring and familiar with cloud threat landscape
- Active Top Secret clearance with the ability to obtain SCI
- Advanced knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a large and complex enterprise
- Significant experience supervising and leading employees of various labor categories and technical skill levels in efforts similar in size and scope to a mature Security Operations Center
- Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
- Demonstrated mastery of the life cycle of cybersecurity threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs).
- Extensive leadership experience creating, building, and maintaining high-performing teams, particularly in a cybersecurity environment
- Previous experience managing an enterprise SOC/NOC/NOSC
Pay Range:Pay Range $118,300.00 - $182,000.00 - $245,700.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 45,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $14.4 billion for the fiscal year ended December 30, 2022. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.