Cybersecurity Manager - SME

About The Position

Requirements

• U.S. Citizenship is required
• Security Clearance: TS//SCI Eligible
• 12+ years of experience in cybersecurity
• Demonstrated experience leading enterprise cybersecurity operations spanning SOC activities, vulnerability management, incident response, compliance, and RMF support.
• Demonstrated ability to establish operational priorities, performance standards, and risk tolerance thresholds for large-scale cybersecurity programs.
• Experience briefing senior Government stakeholders on cybersecurity posture, risk decisions, compliance status, and mission impacts.
• Experience managing cybersecurity operations in both classified and unclassified environments.
• Experience coordinating cross-functional cyber activities with operations, engineering, and application support teams to maintain mission readiness.
• Experience overseeing continuous monitoring, authorization sustainment, and compliance reporting using eMASS and related security evidence processes.
• Experience directing threat detection and defensive cyber activities supported by SIEM analytics, EDR, IDS/IPS, and incident escalation workflows.

Responsibilities

• Lead Task 3 cybersecurity operations and establish enterprise priorities, performance standards, and risk tolerances across SOC operations, vulnerability management, incident response, RMF, compliance, defensive cyber engineering, CDAP analytics, and advanced threat activities.
• Serve as the principal cybersecurity advisor to Government leadership on enterprise security posture, risk acceptance, compliance status, and modernization considerations in accordance with DoD and ARNG cybersecurity policy.
• Direct 24x7x365 cybersecurity operations supporting DCO-IDM across ARNG classified and unclassified network environments within the DoDIN-A(NG) area of responsibility.
• Oversee enterprise risk reporting, compliance validation, and sustained authorization activities, including alignment of security artifacts, POA&Ms, and ongoing authorization evidence within eMASS.
• Guide SOC and monitoring operations using USIEM, EDR, SOAR, IDS/IPS, and MITRE ATT&CK-based analytics to improve threat detection, triage, response, and enterprise defensive posture.
• Coordinate cybersecurity operations and incident response with NETCOM Global Cyber Center, DISA DCDC, ARCYBER, USCYBERCOM, RCCs, and other owning organizations as required.
• Align vulnerability management and secure baseline activities across ARNG environments, including integration of ACAS, STIG Manager, continuous compliance validation, and prioritized remediation based on mission and threat conditions.
• Synchronize cybersecurity support with enterprise applications and enterprise operations teams to maintain secure operations across platforms, enclaves, and hosted services supporting 54 states and territories.
• Direct resource alignment and operational governance to ensure cybersecurity support remains responsive to ARNG mission requirements, including Title 10 and Title 32 operations, mobilization readiness, domestic emergency response, and SIPRNet mission support.
• Support transition-in planning and execution, as needed, to preserve operational continuity, maintain security oversight, and reduce risk during assumption of Task 3 responsibilities.