Job Details
Cybersecurity Analyst SME who will serve as the Security Operations Manager,
Key Areas:
- ship
10+ years of experience as a Cybersecurity professional and in a Security Operations Center environment
Experience with Splunk Enterprise Cybersecurity
Active Top-Secret Clearance with eligibility for SCI
Primary Responsibilities:
The Security Operations Manager will plan, direct and manage day-to-day activities of contractor security operations staff
Suggest and implement controls for key information security gaps within the customer security infrastructure
Ensure timeliness and quality of reporting produced by the security operations staff to stakeholders
Instill and reinforce industry best practices in the domains of incident response, cybersecurity analysis, case and knowledge management, and ESOC operations
Act as subject matter expert in several security technologies (depth) with ability to lead across enterprise security domains (breadth)
Expertly collaborate across multiple disciplines and levels of the organization
Multitasks with expert organizational skills in a fast-paced environment
Demonstrate an open mind, creative thinking, willingness to take calculated risks, and a strong ability to make informed decisions
Create job descriptions for new positions and manage annual performance plans
Continually mature ESOC operations and capabilities, develop intra-team relationships, and build trust and rapport with external stakeholders
Ensure that the ESOC's standard operating procedures are followed to maintain a high level of security across the organization
Keep up to date with the latest cybersecurity trends, vulnerabilities, and mitigation techniques to strengthen the organization's overall security posture.
Guide and mentor junior staff
Qualifications:
Active Top-Secret Clearance with eligibility for SCI
ship
10+ years of experience as a Cybersecurity professional and in a Security Operations Center environment
Experience with Splunk Enterprise Cybersecurity
Familiarity with all related aspects of cybersecurity operations and security architecture
In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques, and cyber threat/adversary methodologies.
Preferred Qualifications:
One of the following certifications:
GIAC Continuous Monitoring Certification (GMON)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Analyst (GCFA)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Network Forensic Analyst (GNFA)
GIAC Cloud Threat Detection (GCTD)
GIAC Cloud Forensics Responder (GCFR)
CISSP Certification
Experience with Microsoft Sentinel
6+ years of supervising and/or managing teams
8+ years of intrusion detection and/or incident handling experience
Ability to analyze new attacks and provide guidance to watch floor analysts on detection and response
Knowledgeable of the various intel frameworks (e.g. Cyber Kill Chain, Diamond Model, MITRE ATT&CK, etc.) and able to utilize them in their analysis workflow
Experience with cloud (e.g. O365, Azure, AWS, etc.) security monitoring and familiarity with the cloud threat landscape
Experience with FBI, DHS, IC, and DoD Networks.
Experience with configuring and operating cybersecurity and networking devices (i.e. routers, firewalls,