Kansas Works Veterans Jobs

Job Information

General Dynamics Information Technology Cyber Risk Manager (SOC Manager) - Secret clearance required in Topeka, Kansas

Type of Requisition: Regular

Clearance Level Must Be Able to Obtain: Secret

Public Trust/Other Required: None

Job Family: Information Security

Join an exciting and dynamic team delivering a large-scale Enterprise Common Tools cloud platform, automation & orchestration, and Cloud Application Migration effort for the Army. This team works in a dynamic and fast-paced environment, with engineering, migration, and operations & sustainment of cloud migration efforts. Enterprise Common Tools and specific Army program customer migration efforts provide a range of day-to-day challenges, while the bigger picture architecture and migration efforts provide tangible milestones that the team pursues together following AGILE practices, to deliver the overall program effort. We’re looking for self-starter Leads and technical engineers, to work both as part of the team and on individual assignments, in an environment of customer mission delivery, integrity and communications. We’re looking to fill this role/team with those who currently have the cloud experience, certifications, and skills to execute in large enterprise environments, are flexible and enjoy tackling challenges, and desire to join a large team that is building and sustaining a large multi-tenant cloud platform/enterprise and migrating/expanding/automating the enterprise. If this sounds like you and you love to learn and grow with a team while delivering program milestones, then we’d love to hear from you!

The Cyber Risk Manager has responsibility for running the Security Operations Center (SOC) and leads a team of professionals responsible for the execution, development, and operation of cyber engineering and monitoring services. The individual will provide oversight for activities required to deliver secure solutions that support our customers such as:

  • Increase maturity of key Security Operations Center capabilities across governance, people, processes and technology to help achieve integrated cyber defense, proactively monitor, detect, investigate, and respond to known and unknown attacks

  • Provide effective approaches to Security Operations Center development and operations, and collaborate with our client stakeholders on implementation roadmaps and execution

  • Work with our clients to identify, architect, and deploy security analytics and alerting solutions

  • Clearly articulate the role of Cyber Threat Intelligence in the cyber defense strategy, and integrate intelligence across defense disciplines such as risk, security architecture, monitoring / detection, vulnerability management, and application security.

  • Lead the development of actionable use cases to detect, triage, investigate and remediate based on latest threat actor trends, including actual technical implementation of parsing log sources and creating, validating and testing alerting queries to reduce false positives.

  • Infuse leading practices to increase centralized visibility to identify suspicious activity and reduce the mean time to detect and respond to cyber threats.

Responsibilities:

  • Drive development and manage the implementation of Cyber Security capabilities targeted on key client’s risk and business needs, and enhanced by leading practices across people, processes and technology including current state assessments

  • Design and manage the implementation of Cyber Security operating models, identifying, evaluating, and providing solutions to evaluate complex business via threat-based approaches

  • Lead process walkthrough discussions to recommend improvements on end-to-end business processes and functional requirements based on latest SOC trends

  • Design and manage the technical implementation of threat-based use cases in Security Information Event Management (SIEM) and threat analytic systems

  • Coordinate across multiple stakeholder groups and manage end-to-end concurrent projects

  • Execute services and supervise staff in delivering engagement services

  • Select and tailor approaches, methodologies, and tools to support service offering or industry projects

  • Strive to exceed client expectations; build and nurture positive working relationships with clients

  • Manage day-to-day interactions with clients and internal team

  • Display leadership and business judgment in anticipating client/project needs and developing alternative solutions

  • Track and communicate engagement performance and planning to engagement management, ensuring project milestones remain on track and are completed on time, and escalate risks as appropriate.

  • Responsible for project(s) financials including development of financial plans

  • Identify opportunities to improve engagement profitability

  • Participate and lead aspects of the proposal development process

  • Actively participate in the development of business and vendor relationships

  • Actively mentor and train team members on Cyber Security processes, governance, and frameworks

  • Provide counseling/coaching, oversight, and support for delivery teams and staff

  • Participate actively in staff recruitment and retention activities providing input and guidance into the staffing process

  • Adopt a pragmatic approach to dealing with situations where confidentiality is important or where our work is of a sensitive nature, helping maintain our client’s strong professional relationships.

Required Experience:

  • Over five years of experience in cyber security and IT service delivery management

  • Experience in IT service delivery via KPIs, strategic planning, budgeting, and allocation

  • 8570.01M IAM Level III certification is required

  • Industry specific certifications such as CISSP, CISM, CISA and/or CRISC

  • In depth knowledge of general security concepts, such as defense-in-depth, least privilege, security architecture and design, threat modeling, etc.

  • Excellent communication, listening & facilitation skills

  • Demonstrated consulting skills (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc.)

  • Experience with SIEM technology (e.g. Splunk, AWS security services, etc.) or interpreting, searching, and manipulating data within enterprise logging solutions or IT Service Management (ITSM) tools, workflow, and automation

  • Experience extending enterprise security controls to the cloud

  • At least one Cloud certification: AWS Certified Cloud Practitioner equivalent or higher

  • Proven leadership skills demonstrating strong judgment, problem-solving, and decision-making abilities

  • Experience managing senior-level client relationships

  • Experience mentoring and coaching others

Preferred:

  • Previous public sector consulting experience

  • Master’s degree in Cybersecurity, Information Assurance or related field

  • At least one associate level cloud certification

  • AWS Security Specialty certification

Education:

  • BA/BS degree required in management information systems, computer science, risk management, information security, engineering, or related discipline

Clearance:

  • Active Secret Clearance

Location:

  • Telework, with preferred location in National Capital Region (NCR) for meetings

Travel:

  • 10-15%

#GDITPriority

#PEOEISMSP

This position requires being fully vaccinated against COVID-19 by January 18, 2022 or the start date, if after January 18. Individuals who work in or reside in Florida, Montana, Tennessee, Texas, or work outside of the United States may be excluded from this requirement.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
