Technical Director, IT Security Operations
Posted on Jun 14, 2019 by Perspecta
Every day at Perspecta, we enable hundreds of thousands of people to take on our nation's most important work. We're a company founded on a diverse set of capabilities and skills, bound together by a single promise: we never stop solving our nation's most complex challenges. Our team of engineers, analysts, developers, investigators, integrators and architects work tirelessly to create innovative solutions. We continually push ourselves-to respond, to adapt, to go further. To look ahead to the changing landscape and develop new and innovative ways to serve our customers.
Perspecta works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets. Our high-caliber employees are rewarded in many ways-not only through competitive salaries and benefits packages, but the opportunity to create a meaningful impact in jobs and on projects that matter.
Perspecta's talented and robust workforce-14,000 strong-stands ready to welcome you to the team. Let's make an impact together.
Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories
The Technical Director, IT Security Operations reports directly to the CISO and is responsible for Technical Security Operations to include: Security Operations Center (SOC), Focused Operations (forensics, malware analysis, intel threat, insider threat tools), and Security Architecture and Engineering. This position has the responsibility of managing all of Security Operations for a Defense Contractor and should be familiar working with the DIB (Defense Industrial Base) as well as with DFARS (NIST) requirements.
- NOTE: This is a hands-on, technically active role. Your technical skills will be applied daily to all aspects of this job.
- Responsible for synergizing security operations, tools, and processes for a newly merged company.
- Making technical and policy decisions that affect corporate security posture, especially as it relates to DFARS (NIST SP 800-171 compliance).
- Understanding placement of network/security infrastructure and visibility requirements for hosts, infrastructure, and network devices.
- Working with the Defense Industrial Base (DIB)
- Providing monthly or as needed reports to the CISO
- Working collaboratively with other teams in the CISO organization as well as within the CIO to impact change and define an acceptable security posture
- Managing cyber incidents as they occur
Management and oversight of:
- Security Operations Center (SOC) Tier 1-III SOC analysis and response; monitoring/triaging events and analyzing/working incidents.
- Focused Operations (to include Malware analysis, Forensics, Insider Threat, intel threat investigation).
- Security Engineering: Deciding on, implementing, and monitoring/managing security tools within the enterprise; security architects designing the solutions.
- Requires BA/BS with a minimum of 16 years experience. At least 5 years as a manager; and 15 years in Cybersecurity with experience supporting government customer/s or contractor/s.
- Secret clearance required
Must have specialized knowledge and ACTIVE, HANDS-ON experience in one or more of the following;
- Experience managing a SOC required
- High level understanding of the multitude of tools required to be managed and implemented by a Security Operations team
- SIEM tools and log/IDS management
- NIST cybersecurity controls and frameworks
- Running tools in and supporting on-prem, Cloud, and hybrid environments
- Creating and reviewing corporate-wide policies and rule
- Past experience with system or network administration desired
- CISSP certification