CloudOne Cybersecurity Incident Response Manager (USAF Cloud One)
About The Position
Leidos was awarded the U.S. Air Force Cloud One Architecture and Common Shared Services contract and currently has an opening for the AWS, Azure, Google, and Oracle clouds. This is an exciting opportunity to use your experience to modernize a leading, global-scale multi-cloud environment in support of a critical mission, supporting USAF system resiliency, security, and cost effectiveness. Location: This position will be in Hunstville, AL and may require travel to support customer or corporate meetings near Hanscom AFB (Boston, MA), or Reston, VA. Primary Responsibilities Include: Serve as the Lead Cybersecurity Incident Response Manager for the program as the primary POC for customer interactions Lead a group of approximately 10 Cyber engineers to fulfill the cyber requirements for the program Responsible for assisting the CIRT Team Lead with managing the team of CIRT analysts, Incident Response actions and priorities, technical analysis and root cause analyses, and interfacing with the customer. Partner with other task leads in support of customer initiatives and cyber incidents. Utilize state of the art technologies such as host forensics tools, Endpoint Detection & Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data. Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes. Create dashboards for key metrics and processes and deliver technical presentations to various levels of customer leadership. Oversee the cybersecurity incidents and update artifacts in eMASS (including change requests) to achieve milestones such as Interim Authority to Test (IATT) and Authorization to Operate (ATO) Experience implementing cATO leveraging automation and dashboards Provide and execute a plan for vulnerability and compliance scanning Implementation of security procedures, and verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code and other components. Participate in regular briefings with the customer on cybersecurity status, including preparing briefing materials Work closely with government Cyber & technical teams to support ATO conditions and requirements. Prepare detailed technical documentation to support development and operational processes Collaborate with team members and provide mentorship to junior staff, fostering a learning environment Act as the Cyber manager to assess employee performance, hire new employees, and ensure compliance with corporate training requirements
Requirements
- Bachelors and 8+ years of prior relevant experience or Masters with 6+ years of prior relevant experience.
- 4+ years of experience supervising or leading teams or projects.
- Active Secret clearance at a minimum required to start
- US citizenship required
- Certifications: CompTIA Security+ or equivalent (IAT-2)
Nice To Haves
- Experience with USAF Cloud One or Platform 1
- Experience with Zero Trust Architecture
- Cloud certifications in AWS, Azure, Google, or Oracle clouds
- Certifications: CISSP
Responsibilities
- Serve as the Lead Cybersecurity Incident Response Manager for the program as the primary POC for customer interactions
- Lead a group of approximately 10 Cyber engineers to fulfill the cyber requirements for the program
- Responsible for assisting the CIRT Team Lead with managing the team of CIRT analysts, Incident Response actions and priorities, technical analysis and root cause analyses, and interfacing with the customer.
- Partner with other task leads in support of customer initiatives and cyber incidents.
- Utilize state of the art technologies such as host forensics tools, Endpoint Detection & Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data.
- Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes.
- Create dashboards for key metrics and processes and deliver technical presentations to various levels of customer leadership.
- Oversee the cybersecurity incidents and update artifacts in eMASS (including change requests) to achieve milestones such as Interim Authority to Test (IATT) and Authorization to Operate (ATO)
- Experience implementing cATO leveraging automation and dashboards
- Provide and execute a plan for vulnerability and compliance scanning
- Implementation of security procedures, and verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code and other components.
- Participate in regular briefings with the customer on cybersecurity status, including preparing briefing materials
- Work closely with government Cyber & technical teams to support ATO conditions and requirements.
- Prepare detailed technical documentation to support development and operational processes
- Collaborate with team members and provide mentorship to junior staff, fostering a learning environment
- Act as the Cyber manager to assess employee performance, hire new employees, and ensure compliance with corporate training requirements
Benefits
- Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
