Security Operations & Engineering Manager - Full-time

Description

Leidos has an immediate need for a Security Operations and Engineering Manager to support our National Oceanic and Atmospheric Administration (NOAA) Cyber Security Center (NCSC) Engineering & Operations team.  As a Security Operations and Engineering Manager, you will play a valuable part in supporting the NCSC’s mission to protect NOAA networks, computers, programs and data from cyber-attack damage and unauthorized access. This boundary is responsible for approximately 1000 assets including Windows, Linux, and network devices in on-premises data centers. The ideal candidate would have prior experience managing a well-executed IT operations team and transforming culture and processes to improve operational rigor.

Responsibilities Include but are not limited to:

• Implementation of Information Technology Infrastructure Library (ITIL) Framework (IT service lifecycle: service strategy, service design, service transition, service operation and continual service improvement.)
• Recommend and/or support customer strategic planning to modernize the IT infrastructure to enable more mature SOC capabilities.
• Plan and manage tech refresh and modernization projects. 
• Oversee support operations, service requests, maintain activities, and administer networks including hardware, systems software, applications software, patching, updates, maintenance activities, and all configurations.
• Collaborate across multiple disciplines and levels of the organization.
• Lead the coordinating of issue remediation and activities to ensure Service Level Agreement (SLA) for service quality and service availability are met.
• Provide metrics and reports customer to SLAs are met.
• Experience planning and coordinating program activities to include installation and upgrading of hardware and software (utilization of cloud services), programming and systems design, development, or modification of IT networks,
• Manage Staff and their performance to include training, professional development, performance management and evaluation.
• Advise and participate in recruiting and onboarding activities for new staff.
• Manage Staff and their performance.
• Support the ISSO in ensuring operations and security of the environment is compliant with the System Security Plan, agency, and federal mandates to maintain ATO.

Required Experience, Skills, and Education:

• Bachelor’s degree in computer science, Engineering, Information Technology, Cybersecurity, or a related field with 5+ years of prior relevant experience or a Masters with 3+ years of prior relevant experience. Experience in lieu of degree may be acceptable.
• Generally has 2+ years of experience supervising or leading teams or projects.
• (ISC)² Certified Information Systems Security Professional (CISSP) Certification or equivalent certification
• Knowledge of security system design tools, methods, and techniques
• Knowledge of key concepts in security management (e.g., Release Management, Patch Management)
• Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
• Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
• Knowledge of specific operational impacts of cybersecurity lapses.
• Knowledge of system life cycle management principles, including software security and usability.
• Knowledge of capabilities and requirements analysis.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
• Knowledge of basic system, network, and OS hardening techniques.
• Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
• Skill in identifying systemic security issues based on the analysis of vulnerability and configuration data.
• Skill in troubleshooting and diagnosing cyber defense infrastructure and application anomalies and work through resolution.
• Skill in applying and incorporating information technologies into proposed solutions.
• Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).
• Skill in developing and applying security system access controls.
• Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
• Skill in independently making configuration updates to ensure system availability requirements.
• Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.)
• Ability to write and verbally communicate effectively to both technical and non-technical audiences.
• Strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, and high-stress situations.
• Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
• Ability and drive to quickly learn new software and IT concepts.
• Understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support.
• Knowledge and experience in supporting: Linux/UNIX, Python/PowerShell/Javascript, vulnerability scanning & patching, firewalls, and networking.
• Knowledge and experience in administering: Windows, Archer, ThreatConnect, FireEye, Tenable/Nessus, WebInspect, SCCM, VMWare, FreeNAS/Pure/NetApp storage, and PKI certificate management
• Experience with MS Office products (Word, Excel, and PowerPoint) working with large data sets.
• Good oral and written communication skills

Clearance:

• US Citizenship required.
• Must be able to maintain security clearance, specifically DoD/Top Secret Clearance or (Interim Top Secret or Secret acceptable).

Preferred Experience, Skills, and Education:

• Demonstrated experience in cyber security design, engineering and operations.
• Experience with System Administration, Network Administration Network Security, Networking Standards, Network Protocols, NIST/FISMA standards and controls, SIEM platforms and security tools, Network Hardware Configurations
• Knowledge of NIST SP 800 53 series or ISO 27000 series documents 
• Windows 10 security best practices and configurations
• Understanding of advanced threat detection in an enterprise environment
• Understanding of malware families, their types, and the threat they pose
• Proficiency with Microsoft Windows administrative & troubleshooting tools.
• Demonstrated experience performing cybersecurity analysis from an operations & engineering perspective.
• Experience with Splunk (preferred) or other SIEM platform

Location:

• Fairmont, WV
• Hybrid option; pending approval

Original Posting Date:2023-12-18

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:Pay Range $101,400.00 - $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

#Remote

#Featuredjob