Security Operations Manager

About The Position

Requirements

• BA/BS in business management or related discipline or equivalent experience.
• Possesses a Top Secret
• Possesses a Certified Information Systems Security Professional (CISSP) certification.
• A minimum of five (5) years of experience with all phases of IA and accreditation processes, securing IT systems and services using Government and industry IA standards, policies, guidelines, and best practices.
• Demonstrated experience managing and leading a security operations staff with skills applicable to a project environment similar in size and scope referenced in this task.
• Demonstrated experience successfully managing information security risks to include completing the entire A&A process including receiving Authority to Operate (ATO) for the cloud.

Nice To Haves

• Demonstrated experience with encryption devices and procedures as they relate to networks and data.

Responsibilities

• Responsible for the day-to-day acquisition and asset management operations in the CA EOC.
• The Security Operations team is responsible for supporting the Assessment & Authorization (A&A) process in coordination with CA/CST’s ISSO team.
• This includes (but is not limited to):
• Managing security monitoring,
• POA&M remediation maintaining standard security configurations in compliance with DOS security standards,
• Managing incident response,
• Supporting security posture assessment and cyber hygiene activities,
• Managing centralized logging and threat analysis, and
• Ensuring consistent, comprehensive and timely patching across the environment
• Performs and/or reviews technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommends mitigation strategies.
• Provides the technical and management support necessary to train and certify personnel to execute assessments.
• Validates and verifies system security requirements definitions and analysis and establishes system security designs.
• Provides the technical and management support necessary to baseline, evolve, and sustain and execute vulnerability assessments and defense assessments.
• Designs, develops, implements and/or integrates security systems and system components, including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.
• Supports the building of security architectures.
• Assesses and mitigates system security threats/risks throughout the program lifecycle.
• Provides the technical and management support necessary to baseline, evolve, and sustain CA infrastructure, data, and processes.
• Collaborate with Engineers, Project and Product Managers to acquire and manage infrastructure assets.
• Ability to meet deadlines and satisfy requirements from other Engineers and Project Management
• Provides the coordination between resource managers/supervisors and ensures all necessary reviews and approvals are received.
• Communicate effectively and efficiently across all CA stakeholders including with the business, technical teams, and leaders.
• Take technical ownership of tasks and successfully work independently.
• Performs related duties as assigned.