Security Operations Team Lead

About The Position

Requirements

• Minimum 5 years of experience in security infrastructure operations within DoD or Federal environments
• Expertise with enterprise firewall platforms (Palo Alto, Cisco ASA/Firepower)
• Experience operating and monitoring IDS/IPS, web proxies, reverse proxies, and load balancers
• Strong knowledge of network security protocols, DNS/DNSSEC, and traffic analysis techniques
• Experience applying DISA STIGs and managing IAVM compliance for security devices
• Demonstrated ability to lead operations teams in 24/7 environments with strict SLA requirements
• Experience with security monitoring tools (Splunk, endpoint security platforms)
• Knowledge of DoD cybersecurity policies, CTOs, and compliance requirements
• Strong troubleshooting skills for complex network security issues
• Ability to support COOP exercises and emergency operations
• Active Top Secret/ SCI clearance is required.
• Must be a United States Citizen and pass a background check.
• Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FEDITC and/or required by FEDITC’S Client(s)/Customer(s)/Prime contractor(s).
• 441 Network Operations (NETOPS) Specialist Intermediate certifications
• Computing Environment (CE) certification required for privileged access roles
• Must obtain and maintain all mandatory DoD 8140 certifications

Nice To Haves

• Palo Alto PCNSA/PCNSE or Cisco security certifications
• Splunk Core Certified User or Power User
• Experience with Zero Trust Network Architecture technologies
• DFAS or DoD financial system security operations experience
• Experience supporting classified (JWICS) network operations

Responsibilities

• Lead and supervise Security Infrastructure Operations staff delivering 24/7 security device operations and monitoring
• Manage installation, configuration, and operation of security infrastructure devices including firewalls, IPS/IDS, DNSSEC, reverse proxies, web proxies, and load balancers
• Direct continuous security infrastructure monitoring for threat detection and incident response
• Oversee network traffic analysis and troubleshooting of access issues involving DFAS security devices
• Coordinate STIG application, security patching, and CTO implementation for all managed security devices
• Manage vulnerability scanning, compliance reporting, and IAVM timelines for security infrastructure
• Provide Tier II-level customer service for security-related issues affecting DFAS mission operations
• Develop and maintain operational documentation including SOPs, monitoring procedures, and incident response guides
• Coordinate with CSSP Engineering and IA teams on security incidents, changes, and compliance requirements
• Support project management for security infrastructure initiatives and technology refresh efforts
• Ensure documentation and audit readiness for all security operations activities