Cybersecurity Lead Manager

About The Position

Requirements

• U.S. Citizenship
• Active SECRET clearance
• Bachelor’s degree and 5-7 years of experience, in a related field, or equivalent combination of education and experience.
• Project Management Professional (PMP) certification
• Certified Information Systems Security Professional (CISSP)
• Cisco Certified Network Professional (CCNP) (or equivalent)
• Must meet DoD ADP Level II / IAT Level II or higher requirements.
• Must comply with all DoD cybersecurity policies and training requirements
• Demonstrated experience supporting DoDEA or similar DoD cybersecurity environments
• Proven experience leading enterprise cybersecurity programs
• Strong background in:
• RMF / A&A processes
• Cybersecurity engineering and operations
• SIEM and security monitoring
• Incident response and vulnerability management
• SIEM platforms (e.g., Splunk, Sentinel, or equivalent)
• Log management, correlation rules, and alerting
• Network security tools (IDS/IPS, firewalls, HBSS)
• Cloud security (AWS, Azure)
• Vulnerability scanning tools (ACAS, SCAP)
• eMASS and RMF documentation processes

Responsibilities

• Serve as the primary point of contact (POC) for the Government COR and stakeholders.
• Develop, maintain, and execute the Program Management Plan (PMP), including:
• Risk-adjusted schedules
• Staffing and resource planning
• Communications management
• Lead weekly status reporting, monthly reporting, and program review briefings.
• Ensure all deliverables meet PWS requirements, timelines, and Acceptable Quality Levels (AQLs).
• Manage contractor personnel, including performance oversight and task prioritization.
• Oversee execution of RMF Assessment & Authorization (A&A) activities.
• Ensure completion and quality of:
• System Security Plans (SSPs)
• Security Assessment Plans (SAPs)
• Security Assessment Reports (SARs)
• Plans of Action & Milestones (POA&Ms)
• Provide guidance on continuous monitoring strategies and near real-time risk management.
• Ensure proper use of eMASS for documentation and tracking.
• Provide leadership for enterprise cybersecurity architecture and operations.
• Oversee implementation and sustainment of:
• IDS/IPS, HBSS, firewalls, VPNs, and endpoint security
• Cloud security architecture (AWS, Azure, etc.)
• Lead advanced analysis of logs, network traffic, and system artifacts during incidents.
• Oversee Security Information and Event Management (SIEM) capabilities, including:
• Development of detection use cases, alerts, and correlation rules
• Integration of threat intelligence and indicators of compromise (IOCs)
• Optimization of monitoring policies across SIEM, EDR, IDS, and cloud systems
• Ensure effective log aggregation, normalization, and monitoring across enterprise systems.
• Drive improvements to real-time monitoring and alerting capabilities supporting CSOC operations.
• Oversee enterprise vulnerability assessment and remediation programs.
• Ensure compliance with:
• IAVM / IAVA requirements
• DISA STIGs and SCAP tools
• Provide leadership on threat tracking, risk prioritization, and remediation strategies.
• Support development of dashboards and reporting for DoDEA leadership.
• Lead Tier 3 incident response support and forensic investigations.
• Oversee:
• Security testing (penetration testing, SRR, code scanning)
• DevSecOps security integration
• Ensure rapid detection, analysis, and containment of cybersecurity incidents.
• Oversee development of:
• Policies, SOPs, IT directives, and technical documentation
• Service catalogs and SLAs
• Ensure all documentation is accurate, compliant, and aligned with DoDEA standards.
• Provide leadership and direction to:
• SIEM engineers
• ISSOs
• Cybersecurity engineers
• Technical writers
• Ensure personnel meet DoD 8140 / IAT Level II/III certification requirements.
• Mentor team members and drive continuous improvement.

Benefits

• health care
• dental
• vision
• life insurance
• 401(k)
• education assistance
• paid time off including PTO, holidays, and any other paid leave required by law