Operations & Security Manager

About The Position

Requirements

• Master’s degree in engineering, information technology, or related field (or equivalent formal training and experience).
• Minimum 10 years of overall experience, including at least 7 years in Information SPAA, cybersecurity, system administration, or engineering.
• At least 7 years as ISSO, security analyst, or security engineer with hands-on experience in:
• NIST Risk Management Framework (RMF)
• audit log reviews
• system monitoring
• SPAA processes
• FISMA requirements
• vulnerability and compliance scanning
• continuous monitoring
• security testing and evaluation
• security policies
• Minimum 7 years of experience in vertical disciplines such as law enforcement, anti-terrorism, biological science, banking, transportation, or similar fields.
• Minimum 5 years managing a SOC or similar 24x7 security operations team.

Nice To Haves

• Experience supporting public sector or government contracts in Florida.
• Familiarity with Rule 60GG and State of Florida operational standards.
• Certifications such as CISSP, CISM, or GIAC.
• Demonstrated experience with disaster recovery, incident response, and service restoration in large-scale environments.
• Strong knowledge of cybersecurity architecture, monitoring, and security tools (e.g., SIEM, vulnerability scanners, ticketing systems).
• Experience with security standards (NIST, FISMA), audit log reviews, and integration with NOC operations.
• Proven ability to manage staff, schedules, and performance in a 24x7 operational environment.
• Excellent communication, leadership, and stakeholder management skills.
• Availability to serve as the designated backup and single point of contact for all SOC operations, 24x7, 365 days/year.
• Experience with large-scale security audits, upgrades, and service transitions.

Responsibilities

• Lead the design and implementation of complex IT security solutions, including Threat Management, Vulnerability Management, and Identity and Access Management.
• Evaluate security control compliance with federal and State of Florida requirements and client monitoring strategies.
• Develop and manage security standards for physical and virtual desktop environments.
• Identify and manage risks associated with information systems.
• Coordinate with the client’s Cybersecurity Unit to maintain compliance and Authorization to Operate (ATO).
• Ensure secure operation, maintenance, and disposal of assigned assets and systems.
• Conduct annual assessments to ensure policy and standards compliance.
• Address security requirements throughout the system lifecycle.
• Establish and review audit trails and retain audit logs.
• Generate and interpret documentation for CSAM compliance.
• Provide cybersecurity guidance aligned with industry best practices.
• Analyze vulnerabilities and present findings to system owners and leadership.
• Communicate effectively to document and report on security efforts and gaps.
• Support integration, testing, operations, and maintenance of system security.
• Develop and maintain internal Standard Operating Procedures (SOPs) for all SOC activities; ensure documentation is current and audit-ready.
• Align IT strategy with business processes and establish performance measures.
• Contribute to enterprise-level planning processes and systems.
• Administer hardware and software inventory and provide system operation support.
• Directly manage all SOC staff, including shift leads, analysts, and engineers; oversee staffing, scheduling, training, and performance management.
• Serve as the single point of contact for all SOC operations, incident response, and escalation—available 24x7, 365 days/year.
• Lead the continuous improvement of SOC processes, including threat detection, vulnerability management, incident response, and change management.
• Ensure compliance with Rule 60GG, NIST, FISMA, and other applicable standards for security operations and disaster recovery.
• Oversee the integration of SOC and NOC functions, ensuring effective communication, escalation, and coordinated response to security and operational events.
• Manage security assurance tools, dashboards, and reporting for threat intelligence, incident trends, and SLA compliance.
• Coordinate with field services, engineering, and executive leadership to support security upgrades, audits, and special projects.
• Participate in contract workgroups and program governance forums; contribute to enterprise-level planning and performance measurement.
• Lead disaster recovery planning, testing, and execution for security services.
• Foster a culture of operational excellence, continuous improvement, and customer focus within the SOC team.