Defense Critical Infrastructure/Operational Technology Team Lead - Senior

About The Position

Requirements

• U.S. Citizenship is required
• Security Clearance: Secret Eligible
• Required Certifications: DCWF Work Role 511-Cyber Defense Analyst — Intermediate proficiency; must hold ONE OR MORE of the following: CEH(P),GMON,GRID,Cloud+,FITSP-O,GCED,GDSA,GSEC,PenTest+,Security+
• 7+ years of experience in cybersecurity
• Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
• Experience leading data security monitoring, risk analysis, and governance activities in support of enterprise cybersecurity operations.
• Experience investigating complex data security incidents and coordinating remediation across system owners and cybersecurity stakeholders.
• Experience developing or applying data protection controls supporting DLP, encryption, and access control enforcement.
• Ability to analyze enterprise data risk trends and present high-risk exposure findings and remediation priorities to leadership.
• Experience supporting continuous monitoring objectives within DoD or ARNG cybersecurity environments.
• Experience working across classified and unclassified network environments in support of enterprise cyber defense missions.
• Familiarity with SIEM-driven monitoring and analytics in support of centralized security visibility and incident response.
• Ability to coordinate data security activities within large, geographically distributed environments supporting mission operations across multiple sites and stakeholders.

Responsibilities

• Lead enterprise data protection activities by defining and implementing monitoring strategies, risk assessment methods, and governance processes for DLP, encryption, and access control enforcement.
• Analyze data risk trends and high-risk exposure areas across ARNG classified and unclassified environments, and provide prioritized recommendations to leadership for remediation and risk reduction.
• Oversee investigation of complex data security incidents and ensure response actions align with DoD and ARNG cybersecurity policy, continuous monitoring objectives, and Task 3 cybersecurity operations deliverables.
• Coordinate remediation activities with system owners, cybersecurity teams, and security operations personnel to reduce data exposure and improve enterprise security posture across the DoDIN-Army-NG AOR.
• Support integration of data protection considerations with USIEM, DLP analytics, and broader monitoring and analysis activities to improve centralized visibility and cyber defense decision-making.
• Collaborate with NETCOM Global Cyber Center, DISA DCDC, and internal ENOCS cyber teams, as required, to support incident coordination, reporting, and protection of critical national infrastructure and other networks of interest.
• Advise on data security risks affecting Defense Critical Infrastructure/Operational Technology environments and help align monitoring and protective measures with ARNG cyber defense objectives.
• Ensure data security governance and incident handling activities support RMF-related continuous monitoring expectations, including coordination of evidence, reporting, and corrective actions where applicable.
• Contribute to the protection of ARNG mission operations spanning Title 10, Title 32, mobilization readiness, domestic emergency response, and classified SIPRNet-supported activities by reducing enterprise data risk and strengthening cyber resilience.